In 1990, the Ministry of Finance in Taiwan set out to accelerate customs clearance operations and help reduce the cost of international trade. As a result, the “Cargo Customs Clearance Automation Planning and Implementation Team” was established to build Taiwan’s import and export customs clearance automation system. When the customs clearance automation and tariff payment system for sea and air cargo were successfully implemented, a new era began in Taiwan’s trade history. To continue to promote the digitalization of Taiwan’s industries, the “Cargo Customs Clearance Automation Planning and Implementation Group” was privatized as Customs and Trade Network Co., Ltd – known as Trade-Van.
Supporting 60,000 customers, Trade-Van’s services help remove barriers to trade and ensure that the people of Taiwan have access to the imported goods they need.
At-a-Glance
With Rancher Prime and NeuVector Prime, Trade-Van has accelerated the production of highly secure applications built as microservices deployed in containers. The organization’s containerized landscape offers greater resilience and flexibility, supporting Trade-Van in improving the efficiency, speed and cost-effectiveness of Taiwan’s international trade.
The journey to containers
As technology advances at a rapid pace, Trade-Van continually expands the scope of its services, and its customers are evolving, too. Trade-Van is expected to provide faster, more secure and more integrated solutions to connect and integrate import- and export-related operations including cargo customs clearance, tariff payments, and cargo offsets and refunds. To provide customers with a more convenient and secure service, Trade-Van provides fast, reliable and secure cloud native applications.
“My department’s goal is to help us achieve digital transformation, accelerate innovation and improve business efficiency,” says Alex Peng, associate manager & deputy CTO of the cloud technology business group at Trade-Van. “To serve our customers better and increase flexibility and speed, we want to transform our existing monolithic infrastructure.”
Chengfeng Wu, manager of the software engineering department at Trade-Van, adds, “As competition heats up, we can only maintain our lead through innovation and transformation. Technology is changing fast, and we need the ability to quickly adopt new approaches and frameworks.”
Trade-Van decided that an approach based on microservices and containerization would be its best option for a more flexible and responsive future.
“Containerization can make it much easier to develop, deploy and migrate applications, particularly in the context of CI/CD and DevOps practices,” says manager Wu. “You can dynamically assign resources to containers more efficiently than you can with virtual machines. It’s also easier to isolate services for greater security and resilience.”
“NeuVector Prime provides a clear and powerful user interface that makes it easy to apply our security policies.”
Why Rancher Prime and NeuVector Prime?
Trade-Van began experimenting with Kubernetes and soon determined that “NeuVector Prime provides a clear and powerful user interface that makes it easy to apply our security policies.” Alex Peng Associate Manager & Deputy CTO of Cloud Technology Business Group Trade-Van manually managing its highly diverse environment would be extremely challenging and time-consuming. That’s why the company selected Rancher Prime to simplify and automate Kubernetes operations.
“We ran a proof-of-concept exercise and determined that Rancher Prime was easier to learn and to operate than competing solutions,” says associate manager Peng.
Manager Wu adds, “We started with the community version, but when we were ready to move into production and provide services to our customers, we invested in Rancher Prime to get the benefit of enterprise support services from SUSE.”
When implementing Rancher Prime, Trade-Van also selected and deployed NeuVector Prime, a zero trust container security platform.
“For container security management, we initially considered firewall solutions, but managing them was too complicated,” says associate manager Peng. “By contrast, NeuVector Prime provides a clear and powerful user interface that makes it easy to apply our security policies.”
The impact of Rancher Prime
Following the adoption of Rancher Prime to modernize its workflow, Trade-Van has experienced a range of significant benefits. These include unified system management, faster cluster deployments, streamlined system updates and a reduced dependency on specific IT infrastructure.
Unifies system management
With the help of Rancher Prime, Trade-Van has established 10 Kubernetes clusters. These clusters support all phases of product development – from internal testing and staging platforms to providing customer-facing SaaS environments. Manager Wu clearly articulates the value of Rancher Prime, “The key reason we chose Rancher Prime is that it provides unified management, monitoring, updating and deployment for multiple Kubernetes clusters.”
Deploys clusters faster
The speed of deploying new Kubernetes environments has dramatically improved with Rancher Prime. As associate manager Peng explains: “Before we deployed Rancher Prime, it would potentially take two or three days to deploy a cluster and install an application. Now it takes just one or two hours.” This increased pace in setting up new environments allows Trade-Van to be more agile and responsive to business needs.
Streamlines system update processes
Rancher Prime’s benefits extend beyond the initial deployment. The process of applying updates and changes to applications has also become quicker and more straightforward. Trade-Van can make modifications almost instantly, responding to evolving requirements or new feature requests by customers.
Manager Wu adds: “Previously, we would often need to download installation packs for middleware, install them, perform checks and finally, apply our configuration. With Rancher Prime, I can usually just click a button to trigger automatic provisioning of prepackaged software, saving time and effort.”
This agility significantly contributes to maintaining the rapid and efficient flow of goods in and out of Taiwan, enhancing the country’s appeal as a place to do business.
Reduces dependencies in IT infrastructure
By moving to a containerized environment with Rancher Prime, Trade-Van has simplified its management of technology dependencies. Applications can now be isolated with their specific requirements, reducing the risk of version conflicts. This isolation allows each application to access the resources it needs without impacting any others, resulting in a more reliable and consistent development environment.
As manager Wu notes: “We can easily separate technologies to ensure that each application has the resources it needs without impacting any other application. It’s much easier than trying to manage dependencies in a virtual machine environment, and we also have less hardware-related dependency. In the past, our developers would sometimes run into issues because of differences between the beta testing environment and the production environment. Using containers on Rancher Prime, we can ensure that everyone gets the environment they expect.”
The impact of NeuVector Prime
NeuVector Prime plays a central role in Trade-Van’s security strategy. Deployed across its entire containerized landscape, NeuVector Prime monitors and manages security throughout the software lifecycle, from the early stages of development to the deployment in production. This early integration of security, especially as Trade-Van adopts CI/CD practices, allows potential threats to be identified and addressed in the initial phases of development, thereby enhancing the overall quality of the applications while saving valuable time. The benefits of NeuVector Prime manifest in several areas, from visualizing threats to automated threat containment.
Visualizes threats
One of the key features of NeuVector Prime that Trade-Van is leveraging is its ability to provide a clear and immediate visualization of security threats.
“NeuVector Prime can isolate the affected containers during a security alert and illustrate the incident on a network topology diagram,” says manager Wu. This feature not only helps in pinpointing the exact nature and location of the threat but also aids in understanding its potential impact across the system.”
Learns the environment for enhanced threat detection
NeuVector Prime’s machine learning component further elevates its security capabilities. It learns typical network addresses and their associated requests, becoming attuned to the normal behavior of Trade-Van’s system. “It raises an alert if the observed behavior deviates from the norm,” manager Wu explains. This proactive detection mechanism enhances Trade-Van’s ability to spot potential security risks faster and more accurately.
Automates threat detection and containment
Another significant benefit of NeuVector Prime is its automated threat containment. “We have configured NeuVector Prime to automatically isolate a container in case of a security breach,” says manager Wu. By instantly securing the environment and preventing further contamination, NeuVector Prime minimizes any potential damage. “This guarantees our customers that their data is safe with us and that we can effectively support their business needs,” manager Wu adds.
Enhances flexibility and operational efficiency
Associate manager Peng rounds up the discussion with the observation that the combination of NeuVector Prime and Rancher Prime doesn’t just enhance security — it also brings operational benefits. “The combination provides us with outstanding cross-platform flexibility and improved operational efficiency,” says associate manager Peng. This ability to secure and streamline operations at the same time further amplifies the value that NeuVector Prime brings to Trade-Van.
The impact of Priority Support
As Trade-Van continues to diversify its business activities and expand its customer base, the organization will increasingly rely on the smooth operation of its information systems. With round-the-clock Priority Support technical services from SUSE for its Rancher Prime and NeuVector Prime systems, Trade-Van can be confident that its services will always be available for customers.
“SUSE Priority Support gives us 24/7 backing from a highly professional team, together with education and training for our software developers,” says associate manager Peng.
Manager Wu adds: “The Priority Support from SUSE is fast and responsive, and it also keeps us up to date with new developments in the market.”
What’s next for Trade-Van?
Trade-Van is now looking into deploying Harvester as the basis for a hyperconverged infrastructure, and Longhorn for cloud native, persistent block storage. These efforts aim to enable Trade-Van to develop new, edge-of-network services for a more efficient exchange of information with customers. As such Trade-Van’s SUSE landscape will continue to grow and evolve. With the ongoing development of new customer-facing cloud native applications, Trade-Van expects to further reduce international trade complexities and costs, ultimately contributing to Taiwan’s continued prosperity.