M idsize banks have something on their minds these days besides serving customers and staying competitive — the need to modernize their core banking systems. A recent study by UBM TechWeb found that the core systems at more than 60 percent of banks are at least five years old, and about 40 percent of banking executives say their core systems or legacy systems were developed in house. The executives also

acknowledge that these numbers point to a range of underlying problems, including challenges around development and upgrades (61%); cost of operations/total cost of ownership (54%); performance opti-mization and tuning (46%); reduced compatibility and interoperability (41%); and software licensing

and upgrades (31%). But there may be an even more fundamental challenge. The biggest banks

with the largest capital reserves enjoy a competitive advantage by running the latest and best-performing core banking systems. This gives them a technology edge over midsize banks, which often translates into being first to launch new customer services, mobile applications, same-day person-to-person payments, and other tools for boosting market share.

Fortunately, the right core banking system can level the playing field for smaller banks, while also providing a foundation for additional business ben-efits. A modern banking system based on the right industry-standard servers can also help financial institutions reduce operating expenses, give them the ability to quickly scale IT systems to meet growing customer demands, and offer a way for them to better manage big data and use the information to yield important insights about customer behavior.

To do this, a number of banks are focusing their modernization efforts on replacing legacy RISC servers or mainframe systems with x86 servers. But migrations to these industry-standard platforms can be successful only if IT administrators make the right choices for mission-critical performance and essential levels of RAS — shorthand for the no-compromise reliability, availability and serviceability requirements inherent in core systems for financial institutions.

Here are the key technology building blocks midsize banks need when designing a core banking infrastructure that takes advantage of today’s best industry-standard technologies.

Technology Primer Sponsor

Checklist for a Modern Core Banking System

✓ Industry standards

✓ High-performance x86 servers

✓ RAS (reliability, availability, and serviceability)

✓ Hardware-accelerated encryption and decryption

✓ Virtualization optimization

Building Blocks Modern Core Banking System

How to ensure high performance, reliability and security when moving from legacy systems to industry-standard solutions

MARCH 2012

for a

A UBM TECHWEB

A UBM TECHWEB TECHNOLOGY PRIMERCORE BANKING SYSTEMS

// 2 //

Reliability, Availability and Serviceability in ServersServers are the centerpiece of a core banking system modernization effort. Many midsize banks are see-ing a host of advantages when moving to hardware-based on industry-standard x86 technologies and away from proprietary RISC and mainframe systems. One reason: The most advanced segments of the x86 platform have closed the performance gap and they have also surpassed the performance levels that used to distinguish proprietary systems.

The latest benchmark numbers document this trend. Best-in-class x86 processors now attain more than three times the performance for virtualization and database processing than previous generations

of servers. The technologies are also registering industry-leading performance across a variety of enterprise and technical computing benchmarks.

But just as important when building a foundation for mission-critical banking sys-tems, the x86 systems need to offer high levels of reliability, availability and serviceability. One important aspect of this is Machine Check Architecture Recovery (MCA Recovery), which for years has been available only in proprietary RISC servers and mainframe sys-tems. MCA Recovery steps in to launch a Machine Check Exception whenever errors occur in a processor or memory resource. MCA Recovery also coordinates efforts with the operating system to recover and continue normal operations by retiring a memory page, stopping the relevant virtual machine, or taking some other necessary action.

Other RAS capabilities to look for include data integrity monitoring, which detects and mitigates errors that may occur in major system components and communication

links. Core banking systems also require x86 platforms that can improve system availability using such features as multiple layers of redundancy and the ability of operating systems to assist in recoveries from uncorrectable errors that would otherwise cause servers to crash.

Finally, IT managers should evaluate x86 options for two additional features: predictive failure analysis, to identify problem components before they fail, and the ability to employ partitioning to isolate workloads and enable more efficient maintenance cycles.

Cost BenefitsThe good news is that midsize banks no longer have to pay the premium prices associated with RISC and mainframe systems to benefit from these advanced performance and RAS features. According to some industry estimates, the cost of servers running industry-standard processors can be 50 percent lower than a comparable RISC-based system, or about a quarter the price of an IBM Power7 processor. This means that replacing RISC systems with the right industry-standard servers can deliver benefits that exceed the cost and risk of migration.

Banks can see additional advantages by moving from Unix-based environments to an industry-standard platform:

• License fees for Linux or Microsoft Windows are typically less than for Unix operating systems.• Linux and Windows support a larger number of enterprise applications.• Banks avoid getting locked into a single vendor of high-end RISC systems.• IT departments can tap into a much larger pool of consultants and skilled IT professionals.

With many of these benefits in mind, enterprises are already relying on industry-standard servers for other important IT resources, such as business intelligence, data warehousing, database and ERP systems.

Hardened SecurityAdvanced Encryption Standard (AES), an encryption standard adopted a decade ago by the U.S. govern ment, has become one of the most widely used standards for protecting corporate IT infrastructures and network traffic. Now, a series of enhancements to leading x86 architectures are making pervasive AES protection possible for core banking systems and other mission-critical applications, without a compromise in performance. Pervasive encryption wasn’t always practical because software-based AES algorithms require high amounts of computing power to encrypt and decrypt data. In some cases, to achieve both encryption and acceptable performance, some organizations opted to dedicate an entire system just to handle the cryptography chores. With AES embedded into x86 silicon, however, not only are these special-purpose encryption systems unnecessary, but IT managers may actually see an overall increase in performance even when encrypting data.

The performance difference is possible because of new hardware instructions in x86 processors that accelerate AES encryption by reducing CPU cycles. Some of these custom instructions focus on

The good news is that midsize banks

no longer have to pay premium prices

associated with RISC and mainframe

systems to benefit from advanced

performance and reliability features.

A UBM TECHWEB TECHNOLOGY PRIMERCORE BANKING SYSTEMS

// 3 //

speeding the creation of cryptographic keys. Others are designed to enhance security by addressing a particular threat known as a side channel attack, which is associated with software-based AES encryption in environments using multiple cores, threads or operating systems. These attacks take advantage of the fact that software-based AES holds encryption blocks, keys and lookup tables in memory. So malicious code running on the platform may potentially seed the cache, run cryptographic operations, and then time specially crafted memory accesses to identify changes in the cache. From these changes, the attack could determine portions of the cryptographic key value. For example, by measuring the time it takes for a given cryptographic operation, an attacker may be able to determine that the uppermost bit of a key is a “0.” Knowing that single bit cuts in half the key space that must be searched to identify the

complete key value. More effective side-channel attacks reduce the key space significantly because they can identify half the bits in the key.

Hardware-based AES encryption avoids these threats because it eliminates in-memory lookup tables and encryption blocks. Instead, these elements are executed in hardware within the microprocessor.

The result is faster, more secure encryption, which makes the widespread use of encryption feasible. For example, banks can encrypt and decrypt an entire database with no degradation in performance for some core banking transactions.

For added security, some top-end x86 systems are now able to isolate the execution of code in protected hardware partitions with dedicated resources managed by the processor, chipset and operating system kernel. These safe execution spaces block any unauthorized software from monitoring or interacting with the protected software as it processes sensitive data while invisible to the rest of the system. This hardware-level security protection can also create a protected area of storage for sensitive data, including encryption keys.

Virtualization ExpandsIT managers at financial services institutions should also look for an advanced x86 architecture that optimizes virtualization — another essential capability for core banking systems. Leading x86 proces-sors now include virtualization technology embedded into the silicon. The benefits of this approach include:

• Acceleration of fundamental virtualization processes throughout the platform

• Virtual machine failover, load-balancing and disaster recovery capabilities

• An additional layer of built-in security that allows IT man-agers to verify the safety of virtualized pools of resources

These hardware-enabled innovations are helping to make virtualiza-tion pervasive throughout bank IT environments, as organizations progress from simply consolidating general-business applications to virtualizing larger, mission-critical workloads.

The Right FoundationWith the right industry-standard hardware platforms, midsize banks can put building blocks in place to compete with larger institutions, efficiently deliver innovative products to customers, and reduce the financial overhead of maintaining modern core banking systems.

Intel® Xeon® processor-based servers are the go-to choice when enterprises decide to migrate from RISC-based or mainframe servers to a high-performance, industry-standard, highly available server platform. Driving this adoption are four main advantages:

1. Industry-Leading Performance — Servers using the latest Intel Xeon E7 processors are delivering world-class performance across a range of benchmarks. For example, in benchmarks comparing the Intel Xeon E7-4800 servers against Oracle/Sun T3-4 servers, the Xeon platform ran at 160 percent the performance of its competitor. When matched against Oracle/Sun M4000-based servers, the Xeon E7-4800 logged a 600 percent performance rate.

Memory capacity per socket in the Intel Xeon E7 family is more than 30 percent higher than competing x86 architectures, and some suppliers are delivering innovative designs based on specialized chipsets that support even higher memory capacity. The larger capacity helps eliminate a key roadblock for financial services institutions that must host large, data-intensive applications, such as enterprise databases, data warehouses and real-time analytics.

2. No-Compromise RAS — Intel Xeon E7 processors achieve high-end reliability, availability and serviceability traditionally associated only with proprietary RISC and mainframe systems. To do this, Machine Check Architecture (MCA) Recovery technology has been incorporated for the first time in the x86 platform.

3. Hardware-Assisted Security — Intel® AES-NI is a new encryption instruction set that improves on the Advanced Encryption Standard (AES) algorithm and accelerates the encryption of data. Composed of seven new instructions, Intel AES-NI delivers faster, more affordable data protection and helps make pervasive encryption possible. In addition, Intel® Trusted Executive Technology (Intel TXT) provides security screening before the system boots, using policies that are put into place to ensure system integrity during the boot process.

4. Virtualization Innovations — Intel® Virtualization Technology (Intel VT) boosts performance and provides for greater business continuity through live migrations. Intel Virtualization Technology FlexMigration (Intel® VT FlexMigration) enables shared resources among diverse operating systems, versions and applications for protection of existing investments.

Additional Resources

Intel can act as a trusted advisor as bank IT managers plan migrations from legacy core banking systems to the x86 platform. Better Bank Systems, a community for news and analysis about banks’ core systems, can offer additional guidance for migrations.

✓ W H AT I N T E L O F F E R S

All trademarks, trade names, service marks and logos used herein are the property of their respective companies.

© 2012 UBM TechWeb, a division of United Business Media LLC. All Rights Reserved.