It’s no surprise that monitoring and managing networks in the financial services industry is a complex task with plenty of challenges. In addition to the “standard” networking requirements, like high availability and traffic capacity planning, IT in the finance industry has to deal with regulatory and industry-specific challenges that create even more issues to deal with.

Let’s take a closer look at the particular IT challenges for banking and financial services, and how granular network visibility—particularly traffic visibility—can help you address them.

Common IT challenges for banks and financial services

The hyper-competitive nature of finance, coupled with the added challenges of satisfying customer expectations around mobile access connectivity and meeting federal and state regulatory requirements, creates a unique, but common, set of IT networking challenges for banks and financial services, including:

  • High availability. Downtime is costly in every industry, but it’s particularly expensive in financial services. Not only is the finance industry often at or near the top of “cost per minute” of downtime stats, the impact of downtime on an institution’s reputation can be high too. With that in mind, it’s easy to see why high availability and fault tolerance are table stakes in the world of finance and IT.
  • Performance. High-frequency trading, where nanoseconds can make a difference, may be an extreme example of just how important network performance is in finance, but just about every aspect of day-to-day operations now depends on it as well. Everything from customer-facing portals to videoconferencing depends on high network performance.
  • Security and compliance. Financial institutions are high-value targets for attackers. They’re also businesses built on trust, and a high-profile hack can do serious damage to your long-term reputation. That means network security is a top priority for every IT team. Trust in the finance sector is also predicated on government regulation. So in addition to data security requirements, regulations also often require detailed and auditable network documentation.
  • Distributed network management. Financial services networks include a wide range of separate networks spread across multiple locations, such as branches, ATMs, corporate data centers, and home offices for remote workers. Monitoring and managing all of that is hard enough, even if you build it from the ground up. It’s even harder when you’re dealing with heterogeneous networks resulting from several mergers and acquisitions.
  • Cost and tool sprawl. Hardware and bandwidth costs aside, simply monitoring and managing complex financial networks can be expensive. While there are specialized tools for many use cases, at scale this leads to tool sprawl: an ever-growing set of disconnected applications that may or may not integrate with one another. Both the licensing and operational costs of this method can add up fast.

Complexity is the recurring theme in financial services networks

In practice, banking and financial services networks are a web of apps, internal and external LANs and WANs, network devices, and geographic locations. Often, mergers and acquisitions (M&As) make things even more complex, as a single institution must integrate multiple heterogeneous production networks.

As a result, baselining performance across sites, network device management, identifying bottlenecks, and drilling down when a specific issue needs to be debugged can become a significant challenge. There’s simply no one-size-fits-all answer, and optimizing to address one area often leads to tradeoffs in another (e.g., cost vs performance).

How is network visibility key to addressing complexity?

Getting those trade-offs right boils down to knowing your network, and making decisions with context. Fundamentally, addressing the complexity of financial networks starts with making sure your network visibility is both wide and deep. By “wide” network visibility, I mean across the entire network end-to-end. By “deep” network visibility, I mean down to the device and data flow level.

What precisely should you account for when it comes to achieving wide and deep network visibility? Let’s break it down into four categories that I like to think of as “levels”:

  • Level 1: Network asset management. Without a detailed network device and application inventory to start with, you can’t have any deeper network visibility. A good network asset management tool should maintain a running list of every device that connects to the network. Network discovery uses common network protocols to identify and describe network devices, and can also help keep your inventory current. At a minimum, it should include information like: IP address, MAC address, make, model and serial number, software/firmware version, and end-of-support dates. Starting with a detailed network asset inventory is the foundation for visibility into the rest of your network.
  • Level 2: Network mapping. Network mapping allows you to see the connections between those discovered devices at Layers 1, 2, and 3 of the OSI model. Fundamentally, network mapping helps you answer questions like: “where are my devices?” and “how are they connected?” This map needs to be dynamic, updating in real-time as devices come on and offline.

Automation is key to maintaining visibility.

It’s possible to perform network mapping, device discovery, and asset management manually, but it’s not sustainable. Modern networks are dynamic, and manual device inventories and network maps often go stale shortly after they’re created. That leads to tech debt, negative feedback loops, and finance and IT staff that simply don’t trust the available network documentation.

  • Level 3: Performance monitoring. Performance monitoring enables us to get an accurate picture of our network health (current snapshots and historical performance), from an overall perspective, like bandwidth usage and throughput, down to individual device metrics. Metrics captured using protocols like SNMP, WMI, and Syslog can determine everything from dropped packets to CPU utilization to application-level errors.
  • Level 4: Traffic visibility. The “lowest” level of network visibility drills down to the data flows, and connections between devices. With traffic visibility, you can capture insights such as geolocation data for outbound traffic, and identify unapproved application use.

Traffic visibility for bank and finance network monitoring

With Level 3 network monitoring, banks and financial institutions can make a lot of headway in understanding the health of their network, and even proactively addressing bottlenecks. However, traffic visibility is the only degree of monitoring that provides the granular insight into network performance and data flows required to achieve the performance and security the financial services sector needs.

Traditionally, there are two ways to achieve traffic visibility: using flow protocols (e.g. NetFlow), or with Deep Packet Inspection (DPI). For example, a network visibility tool might sample traffic flows and provide data based on the “five-tuples”, or a firewall may use TLS inspection to decrypt and inspect traffic.

However, there are some tradeoffs with each approach. Flow data is derived from packet headers and doesn’t actually drill down into the data payload. This can leave IT blind to exactly which applications are communicating and where traffic is headed. On the other hand, DPI often requires devices to sit in line with traffic (which introduces additional failure points and can impact performance) and comes with privacy and security concerns of its own (decrypting data with what amounts to a man-in-the-middle approach).

Auvik’s TrafficInsights provides a “best of both worlds” solution that can provide deep visibility without using MITM-style decryption. Auvik captures flow data using common flow protocols such as NetFlow v5, NetFlow v9, J-Flow, IPFIX, and sFlow. Then, machine learning algorithms and traffic classification help identify specific applications (e.g. Slack and Dropbox) and network protocols. IT admins can then view “top talkers” on a network, see where traffic is headed, and drill down to view specific flows for more data. For banks and financial services, this can drastically improve network visibility and security posture without introducing the overhead and complexity of DPI and TLS inspection.

Visibility won’t eliminate complexity, but it does make it possible to navigate. The right network visibility tool can go a long way in solving the network challenges in finance, and reduce costs along the way. For example, our Total Economic Impact study by Forrester found that businesses that implemented Auvik achieved 173% ROI in 3 years. A big chunk of that ROI was directly related to minimizing complexities in IT operations and tool licensing costs.

If you’re responsible for managing a financial or bank network, and want to see how Auvik works first-hand, get your free 14-day Auvik trial here.

Lawrence Popa

About Lawrence Popa

Lawrence Popa is a Sales Engineer and resident Mad Scientist at Auvik Networks. If it's vintage, Lawrence has probably tried to get it to connect to the internet.
