Although the trend among large banks is to upgrade their networks to 10 gigabit Ethernet (particularly if they offer trading services), community banks in rural areas typically don't have the luxury of purchasing such high-end network equipment. "We're starting to make a move [toward 10 gigabit Ethernet] for our internal LAN, but getting anything higher than a DS3 for a WAN connection is hard when you're out in the middle of nowhere," notes Mark Arblaster, senior network engineer for First National Bank of Pennsylvania, an $8.8 billion bank based in Hermitage, Pa.
Until recently, the bank had a 12 megabit ATM connection between its headquarters and branches, and performance issues abounded. Much of the communication between the remote sites and main sites was transactional data from tellers and ATM traffic. Too much traffic over too little bandwidth resulted in sluggish responses from critical systems (some of which stopped altogether), and dropped and poor quality VoIP phone calls.
To remedy this, first the bank installed T3 lines (providing around 45 megabits per second throughput) to improve the flow of normal data traffic. Then Arblaster began monitoring the traffic to identify problems, as well as to assess the impact of IT changes, such as deploying new applications or servers.
"We rolled out new servers to our branch locations, and looking at the traffic coming in from those servers, we found there were tweaks we could make that would cut traffic in half," Arblaster recalls. "At the time, we had 20 or 30 rolled out, and we were we able to make those changes before rolling the rest of the servers out, to keep from overwhelming ourselves."
At first the bank used a network analyzer product from its telecom provider that cost about $32,000 a year in fees.
Then it bought a product called Scrutinizer from Plixer that cost less than $10,000. Annual maintenance is below $1,000 a year.
Scrutinizer provides a dashboard-style overview of all the bank's circuits and their performance. Then Arblaster can drill down to see which servers and applications are taking up the majority of the bandwidth. Then he can go ask bandwidth-hogging users what they are doing and try to come up with less network-intense alternatives.
The analyzer tool is especially useful at monitoring the bank's replication between its primary data centers and its hot site. "We use it a lot for verification so if we need to make a configuration change we can see if traffic is slowing," Arblaster says. "It's also good for data trending, so say replication is taking six hours now and a month ago it only took four hours, we might want to make some changes."
Arblaster also uses the network monitoring tool to deal with security incidents. If a machine tries to communicate with a known bad site, he can use the tool to examine the traffic and shut down all the machines that have tried to interact with that site.