How to begin using Alliance Connect Virtual on Google Cloud with Swift Alliance Cloud
Financial institutions may benefit from the scalability, flexibility, and affordability of cloud infrastructure while upholding the security and dependability requirements necessary for financial transactions by using Swift’s Alliance Connect Virtual on Google Cloud. Institutions may simplify their infrastructure, save operating costs, and quicken their digital transformation projects by virtualizing the conventionally hardware-based Swift VPN connections. Furthermore, Google Cloud’s strong security features and compliance certifications contribute to the protection of private financial information.
Alliance Connect Virtual
Alliance Connect Virtual Architecture on Google Cloud
Reference designs for the Alliance Connect Virtual connection project’s Google Cloud deployment are displayed in the following diagrams. Depending on the customer’s preferred connectivity package (Gold, Silver, or Bronze), Alliance Connect Virtual is configured in Google Cloud and offers connectivity to Swift via virtualized Juniper vSRX VPN as well as internet or pseudo-leased-line connections to the Swift Network through network providers. Four VLAN attachments make up a pseudo-leased line, and each pair of VLAN attachments has two Partner Interconnect connections and its own Cloud Router.
There are three options available for Alliance Connect Virtual: Bronze, Silver, and Gold. You can use the tier that best suits your needs based on the criticality of your Swift traffic and your resilience requirements. The architecture for each package may be seen below.
Alliance Connect Virtual Gold:

Alliance Connect Virtual Gold
Of the three alternatives, the Alliance Connect Virtual Gold connectivity package offers the best service quality and resilience. An enterprise-grade connection to Google Cloud, which offers the highest throughput of the three packages, is used to connect to Swift via Partner Interconnect, which provides two connections with equal capacity. A service provider with a dedicated connection processes traffic. Your traffic makes fewer hops when it avoids the public internet, which reduces the number of sites of failure where it might be dropped or interrupted. Customers that handle over 40,000 messages a day are the target audience for this option.
Alliance Connect Virtual Silver:

Alliance Connect Virtual Silver
The Alliance Connect Virtual Silver package offers high bandwidth and throughput connections via a single dedicated pseudo-leased connection via Partner Interconnect, a network provider. An internet connection is included in this configuration as a backup. This choice is intended for users that process 1,000–40,000 messages daily.
Alliance Connect Virtual Bronze:

Alliance Connect Virtual Bronze
Internet access is inexpensive with the Bronze Alliance Virtual Connect option. Two VPN boxes can be connected in this configuration to have a backup connection in case the primary one fails. Customers that handle up to 1,000 messages daily are the target audience for this service.
The components of this architecture are as follows:
- A collection of VPC networks (Untrust VPC, Trust VPC, Interconnect VPC, and Management VPC) for various vSRX network interfaces in order to separate the traffic. Through the Untrust VPC, traffic is routed to Partner Interconnect or the internet.
- A collection of VPC Subnets (Untrust Subnets, Trust Subnets, Interconnect Subnets, and Management Subnets) for various vSRX network interfaces in order to separate the traffic
- A collection of firewall rules that regulate incoming and outgoing traffic between other VPCs and the Swift Network
- Route configuration for the VPCs mentioned above
- According to the aforementioned design, cloud routers are what provide Cloud Interconnect its routing.
- To create a secure connection to the Swift network, use VLAN attachments for Partner Cloud Interconnect.
- Cryptographic key management with cloud KMS
- Virtual machines for compute engines where the vSRX appliance will be installed in order to build up high availability
Swift application designs
Swift provides a range of communications interfaces that are suited to varying client requirements and complexity levels. The architecture for deploying the various messaging apps on Google Cloud and connecting with Alliance Virtual Connect is shown below.
- Alliance Cloud
- Alliance Access
- Alliance Messaging Hub
The application project deploys the High Availability (HA) tool in addition to the messaging interface. By using Alliance Connect Virtual (the connectivity packs used in the VPN project), this utility improves the robustness and uptime of the connection to the Swift network. This is accomplished by the HA VM application using:
- Routing table management and monitoring helps guarantee that traffic may be smoothly diverted via the alternate path, reducing disturbance, in the event that one availability zone or connection path to the Swift network becomes unavailable.
- Keeping redundant vSRX machines: Usually, the two Compute Engine VMs that house the Juniper vSRX VPN are managed by the HA VMs, with one vSRX serving as the main connection point and the other as a standby. The other vSRX automatically assumes control of the connection in the event that the primary vSRX fails, assisting in maintaining service continuity.
Alliance Cloud on Google Cloud
Customers may access Swift’s services through Alliance Cloud, a fully managed financial cloud-based messaging interface that offers the advantages of cloud deployments, including less infrastructure administration. Because Alliance Cloud is hosted and maintained by Swift, it has a lower total cost of ownership.
In order to link message flows from customers’ back-office applications with Alliance Cloud, Alliance Cloud provides the following connecting options.
- Alliance Cloud provides a direct API known as the Swift Messaging API (more details can be found on the Swift messaging API | Swift Developer Portal), which enables RESTful API integration between Alliance Cloud and client back-office systems. Selecting one of Swift’s API footprint options—zero footprint, Swift SDK, or Swift Microgateway—will do this (more details are available on the Swift developer page).
- Alliance Cloud uses the Swift Integration Layer to provide a software footprint. This provides file and RESTful API communication between the back-office applications of the customers and the Swift Integration Layer.
Alliance Access on Google Cloud
Banks and other financial institutions may connect securely to Swift with Alliance Access, a Swift communications interface. You may deploy and manage Alliance Access components in your Google Cloud environment. The Alliance Access solution will consist of the following elements:
- The foundation of the solution is Alliance Access Server, a piece of software that is set up on the infrastructure of the organization. It serves as a conduit between the Swift network and the internal systems of the organization.
- Alliance Web Platform: A web-based interface that enables users to manage settings, keep an eye on message flows, and carry out a number of operational duties associated with Swift messaging.
- Alliance Gateway: By focusing your flows from several interfaces through to Swift, this component offers further security and routing features.
- Alliance Gateway may conduct application-to-application communication via SwiftNet services with SwiftNet Link (SNL). Alliance Virtual Connect’s various connection packs on Google Cloud may be used to establish connectivity.
Since Alliance Access has its own integrated Oracle database Standard Edition instance, it doesn’t need a separate Oracle database instance to perform its essential functions. The reference architecture mentioned above makes use of the embedded OracleDB, which is the deployment technique that Google Cloud supports for Alliance Access.
Oracle database Standard Edition is integrated into Alliance Web Platform and Alliance Gateway. These products don’t store business data; instead, they utilize it primarily to store settings and logs.
Alliance Messaging Hub
Swift provides a modular financial communications system called Alliance communications Hub (AMH). AMH offers routing across several message systems, high throughput, and advanced data management. The Alliance Messaging Hub (AMH) solution will consist of the following parts:
- The solution’s central component is the AMH Physical Nodes, or servers. A software program known as an AMH Physical Node serves as a conduit between the Swift network and the institution’s internal systems. It is possible to deploy one or more of these servers.
- Alliance Gateway: By focusing your flows from several interfaces onto Swift, this optional component offers further security and routing features.
- SNL: Makes it possible for Alliance Gateway to communicate with other applications using SwiftNet services. Alliance Virtual Connect’s various connectivity packs on Google Cloud may be used to set it up.
- AMH Physical Nodes share an Oracle database: AMH does not offer the option of an embedded Oracle database, in contrast to Alliance Access. Customers of AMH are required to supply the database. Customers may use Bare Metal Solution, which offers a secure environment for running specialized workloads, including Oracle databases, on high-performance, bare-metal servers, to host their Oracle databases on Google Cloud. However, users now have a lot of options to host their Oracle databases on the cloud with the Google Cloud and Oracle relationship, such utilizing Compute Engine or Oracle Database@Google Cloud. Oracle Database@Google Cloud enables users to host database services on Oracle Cloud Infrastructure (OCI) hardware in a Google Cloud datacenter.
Why use Google Cloud’s Swift connectivity?
Because of Google Cloud’s built-in benefits, implementing the Swift communication stack there presents a strong option for financial institutions:
- For mission-critical financial processes, Google Cloud’s strong infrastructure, which is tailored to particular workload and industry requirements, guarantees high availability and dependability.
- Because this infrastructure is AI-optimized, organizations can use automation and sophisticated analytics to increase productivity and security.
- Furthermore, Google Cloud’s dedication to sustainability complements the rising focus on ethical business practices by assisting companies in reducing their environmental impact while utilizing cutting-edge technology.
- Additionally, Google Cloud’s AI-powered collaboration features simplify workflow and communication procedures, enabling teams to operate more productively and successfully.
The aforementioned reference designs use network components and Google Cloud Infrastructure to provide a safe and dependable connection to Swift. Establishing a secure connection to Swift requires the following Google Cloud components:
Partner Interconnect: Through a supported service provider, Google Cloud Partner Interconnect provides a means of connecting Alliance Connect Virtual VPC and Swift’s on-premises network. This kind of connection avoids the public internet and offers dependable and secure data delivery. Additionally, this system is scalable, so you may expand its capacity as your demands evolve.
Bare Metal Rack HSM: Swift HSM is an essential part of the Swift architecture. Swift’s Public Key Infrastructure (PKI) credentials are protected by this specialized hardware device, which guarantees safe live traffic signing and production service authentication. Customers can use Bare Metal Rack HSM to host Swift HSM and take advantage of the cloud’s advantages. Bare Metal Rack HSM offers switches and racks specifically designed to house HSMs, guaranteeing isolation and a high level of environmental control.
This is in line with Swift HSM’s security standards, which call for strong protection of critical key material. The Bare Metal Rack HSM solution guarantees low-latency connectivity to Google Cloud workloads since it is housed in colocation facilities with active peering fabrics. A highly available service is facilitated by Google’s requirements for these facilities and redundant infrastructure. Additionally, it is housed in facilities that adhere to SOC 1, 2, and 3 standards as well as PCI-DSS and PCI-3DS.
Oracle Database: In order to implement Alliance Messaging Hub, Swift clients must set up an Oracle database. Customers can easily move, upgrade, and manage their Oracle-based apps in the cloud with Google’s cooperation with Oracle, which gives them many alternatives for deploying Oracle databases. The many methods for deploying Oracle on Google Cloud that provide you with deployment options may be found here.