Your production network is not a good place to learn how to do a vulnerability assessment. There are huge legal issues when running any security tools against a network, espically one in the financial industry. A lawyer can save your a$$, by drawing up your paper work!! You need written permission signed by some top level managment specifically defining all the tools your allowed to use and the ip space you are able to test.

Good Luck and Get it in Writing!!