Ecological Win-Win | LeagSoft and Huawei Jointly Build an Intelligent Endpoint Security Defense for Bank Rakyat Indonesia (BRI)

Bank Rakyat Indonesia (BRI) is one of Indonesia's major state-owned commercial banks, with over a century of history and a comprehensive service network. As digital transformation accelerates, the bank recently upgraded its endpoint security management system. By adopting the joint solution from LeagSoft and Huawei, it has enhanced its overall endpoint security level.

Addressing New Threats: Security Challenges Faced by Legacy Systems

BRI's original network access control equipment had been in use for over five years and could no longer meet current diverse security requirements functionally. Meanwhile, the existing endpoint management software had limited capabilities, making it difficult to achieve coordinated management between security checks and network access control. Faced with a large number of widely distributed endpoints, the bank required a centralized, secure, and compliant endpoint network access solution.

The Solution: Deeply Integrated Ecological Cooperation

This project employed an NAC & MDM solution composed of LeagSoft's LV7000 Endpoint Management System (UniAccess and UniNAC) deployed in coordination with Huawei's NCE-Campus. This system builds a functional framework of "Network Access Identity Authentication + Network Access Security Compliance Check + Network Access Resource Authorization + Endpoint Automatic Remediation" for Windows and Mac users.

▲ MDM Deployment Architecture Diagram for Bank Rakyat Indonesia

Coordinated Authentication and Continuous Checking

Certificate-based authentication is achieved through the coordination between NCE and LV7000. After the initial authentication, users are not required to periodically re-enter usernames and passwords. The system automatically performs regular endpoint checks and implements automatic isolation for non-compliant endpoints, enhancing user experience while ensuring secure endpoint access.

Unified Centralized Management

A centralized deployment architecture is adopted, simplifying management processes, improving response speed, and effectively enhancing both user experience and operational management efficiency.

Ensuring High Availability

The NCE and LV7000 servers are deployed in a hot-standby mode. If the primary server fails, the standby server automatically takes over, ensuring business continuity and uninterrupted user access.

Strengthening Endpoint Security Baselines

The security baseline standards for network access endpoints are comprehensively elevated. By checking multiple indicators such as endpoint firewall status, antivirus software installation and update status, and the latest virus database scan time (required to be within one day), the system systematically enhances endpoints' self-protection and threat resistance capabilities.

Software Standardization Management

Strict control over software installed on endpoints is enforced through software whitelist and blacklist mechanisms. Combined with the software store function, this effectively prevents the intrusion of malware, rogue software, and pirated software, purifies the endpoint environment, mitigates copyright risks, and improves operational security and efficiency.

Security Auditing and Behavior Tracing

The system automatically logs control operations and related security events, collecting key information such as endpoint IP, MAC address, and time in detail. This supports precise identification of the source of leaks and responsible parties, enabling rapid response to and effective containment of security incidents.

Technological Synergy, Value Co-Creation

Technically, LeagSoft's LV7000 and Huawei's NCE-Campus achieved seamless integration through API interfaces, forming an automated closed-loop process of "Endpoint Check - Policy Decision - Network Execution," delivering significant value to Bank Rakyat Indonesia:

Flexible and Easily Expandable Solution: The coordinated deployment of NCE and LV7000 not only enables uninterrupted user internet access, periodic endpoint detection, and trusted access but also offers excellent scalability. For future new requirements, no additional client installation is needed. Simply activating via authorization allows configuration to be completed within 10 minutes and take effect within 1 minute, greatly improving deployment efficiency and adaptability.

Unified Management, Secure and Compliant: An integrated architecture is adopted to achieve centralized and efficient management of all network endpoints, eliminating security blind spots. By implementing endpoint standardization management, the self-protection capability and risk resistance level of endpoints are comprehensively enhanced, simultaneously meeting compliance regulatory requirements at the national, industry, and enterprise internal levels.

Secure and Efficient with Excellent Experience: After the initial authentication, users are not required to periodically re-enter usernames and passwords, significantly simplifying the operation process. After client installation, periodic endpoint checks, dynamic authorization, and intelligent remediation are performed automatically without manual intervention from administrators, ensuring security while markedly improving the user experience.

Ecological Win-Win: Opening a New Chapter in Financial Security

The first phase of the project involved centralized system deployment at the Jakarta headquarters, supporting secure access management for over 10,000 endpoint devices. It will be gradually promoted and applied to other urban areas, ultimately achieving trusted and secure access for all company computers and mobile endpoints.

As a Huawei ecosystem partner, LeagSoft, leveraging its extensive local experience in endpoint security, formed deep synergy with Huawei, achieving complementary advantages. This collaboration not only effectively addressed the security challenges faced by Bank Rakyat Indonesia but also demonstrated the openness and professional capabilities of the Huawei ecosystem. It provides new ideas for cybersecurity construction in the overseas financial industry, helping customers build efficient and reliable security solutions.

On the path of digital transformation, LeagSoft will continue to deepen ecological cooperation, working hand-in-hand with ecosystem partners to build a safer and more reliable network environment for global customers, realizing a promising future of ecological win-win.