About This Architecture

Bulbank's mobile banking network uses a multi-tier DMZ architecture with CheckPoint perimeter firewall, reverse proxy, and internal Cisco firewall protecting Apache Tomcat backend servers and FlexCube core banking system. Traffic flows from iOS/Android clients through the external CheckPoint firewall (82.84.80.121) to the BBMProxy reverse proxy (192.168.100.100) over HTTPS 443, then through the internal Cisco firewall to application and data domains. The backend tier runs Apache Tomcat on Windows Server 2019 with JRE 11 (192.168.123.101), connecting to FlexCube Unix core banking (192.168.123.105) and MSSQL database (192.168.124.99 port 1433) for transaction processing. This architecture enforces defense-in-depth with dual firewalls, encrypted channels, and strict network segmentation between public, DMZ, and intranet zones. Fork this diagram on Diagrams.so to customize firewall rules, add load balancers, or model failover scenarios for your banking platform.

People also ask

How should I architect a secure mobile banking network with multiple firewall tiers and core banking system integration?

This diagram shows a defense-in-depth approach using CheckPoint perimeter firewall, BBMProxy reverse proxy, and Cisco internal firewall to protect Apache Tomcat backend servers and FlexCube core banking system. Traffic is encrypted end-to-end (HTTPS 443), network zones are strictly segmented, and database access is isolated on port 1433.