The bandwidth problems began for First National Bank of Pennsylvania soon after the addition of more than 20 new branches, which pumped some $700 million of assets into its holding company, FNB Corporation, in 2005.
The Hermitage, Pa.-based bank had just deepened its presence in Pittsburgh, was operating 141 branches across much of Western Pennsylvania and several counties hugging the Northeastern tip of Ohio and weighing in at $5.7 billion in assets. But teller and ATM transactions were suddenly getting held up on the network. Customer calls, powered in the call center by voice-over-IP, were snarled, disrupted, choppy or dropped completely.
Knowing it had to convince the bevy of new customers FNB had just welcomed into its fold that it would provide prompt, uninterrupted services-that the post-merger transitions for customers would be smooth and hassle-free, so none would bolt-the bank made unraveling the network birds' nests a priority.
Mark Arblaster, FNB's senior network engineer tasked with solving the problem, first purchased a solution from AT&T, the bank's circuits provider, to pinpoint the bandwidth sap. But it couldn't cover more than four remote locations, whereas the company needed to investigate hundreds of the sites it managed.
After Arblaster took to surfing the Web site of FNB's router and switch vendor, Cisco, for third-party network analysis tools, he eventually chose Scrutinizer NetFlow and sFlow Analyzer from Sanford, Maine-based Plixer International.
Scrutinizer allowed Arblaster to open a window onto the bank's network and quickly spot problems across the circuitry "within a few mouse clicks," he said. With this insight he could easily reallocate workflows in the short-term: The delays Scrutinizer helped to identify mostly involved one-off, bandwidth intensive data projects, which could be delayed or rescheduled. Now at $8.8 billion in assets, the bank has since added bandwidth as well.
The app has also helped the network team better configure the bank's production and data replication flows. "We can verify our changes [with Scrutinizer] to make sure we're not using too much bandwidth if we need to move replication over to the production side, if we're having an issue with our dedicated circuit."
FNB runs two data centers supporting 295 branches and offices across all its banking, insurance, trust, leasing and finance affiliates.
Plixer's tool additionally assists FNB in estimating bandwidth drain from new software add-ons. "If we're leery of how well a new application is going to perform, we'll run tests with Scrutinizer at a branch to see what it'll take up, knowing 'x' number of people will use it at one time," Arblaster said.
Scrutinzer's competitors include Fluke Networks, Lancope, ManageEngine, Ntop, NetScout, NetQoS and Solarwinds. All these tools process and analyze "flow records" generated from switches and routers in the network.
Generally, "any hardware sold within the last 5 years" is enabled to produce such flow reports, says Lawrence Orans, a Gartner research director. Arblaster says he found Scrutinizer's functionality was quicker, more intuitive and "50 percent cheaper" than rivals. Its annual cost was $800 less than FNB's old telco solution's monthly fee, he said, resulting in $32,000 in annual savings.
Network performance management (NPM) tools may initially help firms discern operational clogs from security risks; Scrutinizer has done this, Arblaster says, and Lancope straddles both disciplines, says Orans. But security-focused apps require network behavior analysis (NBA) technology, and are therefore mostly sold separately.
Most NPM tools support both NetFlow and sFlow reporting protocols, because each supports competing hardware and firms often use a mix of rival routers and switches. NetFlow tools typically collect 100 percent of network traffic and packets but provide fewer details than sFlow; sFlow tools collect samples of packets, but they reveal the entire payload of the packets.
"Next generation NetFlow exports are application aware," says Plixer's CEO Michael Patterson. Built on the IP Flow Information Export (IPFIX) protocol, the tools display exact Web addresses, corresponding clients, servers and slowed applications.
