Synovus Bank - Online Banking Portal Identity Federation and Access Control

Technical Summary
Forum Sentry provides HTML security and identity access control for Synovus Bank online banking. Identity components include HTTP cookie session management, Security components include HTTPS acceleration, URI filtering.

Sentry Technology Components Used
This use case utilizes the following technology components that are available and integrated with the Forum Sentry product.

Protocol Policies HTTP, HTTPS
Content Policies HTML, XML, SOAP
Mediation Policies Protocol Header Mapping
Security Policies SSLv3, Form Post Value Checking, WAF inspection
Task Policies Conditional Processing
Identity Policies LDAP
Governance Policies Authorization failure, Authentication Failure


Use Case Description

Synovus Financial is a $33B Financial Institution that provides retail and commercial banking throughout Southeast U.S. Using Forum Sentry and the SOA gateway platform, deployed a Federated SOA strategy for call centers, branch platforms, deposit platforms, loan platforms, Internet and Mobile Banking. This architecture went on to win the CIO Grand Prize. In the first year alone, the Sentry architecture allowed cutting $1M/year in 3rd Party processing.

The Forum Sentry identity functionality is heavily used to provide HTML portal cookie SSO. Deployment of Forum Sentry technology to manage the identity and SSO allowed Synovus to completely remove the CA Siteminder solution and reduce costs further by $500k per year. This new architecture reduced the login time to the online banking portal for 200,000 concurrent users from 22 seconds to 6 seconds.

Today, Synovus Bank processes over 11 billion transactions per year, with up to 200,000 concurrent users through Forum Sentry gateway architecture.