Recent service outages on banking websites leads to increased interest in how to control traffic more efficiently

News that a bank has suffered a major service interruption could lead to fresh interest in how to mitigate an attack and how to offload increased traffic.

Yesterday, SC Magazine reported that the Dutch bank Rabobank had been hit by a distributed denial-of-service (DDOS) attack that left its service disrupted for four days. Bank of America and Lloyds Bank also suffered interruptions, leaving customers unable to access online services.

Speaking to SC Magazine, Owen Garrett web performance specialist at Zeus Technology, said that if excessive traffic is such a problem that you have to take a website offline, there are other ways to deal with it, such as to update your website but this could cause further downtime and affect a user in a transaction who may find their operation to be dropped or broken.

Garrett said: “We have technology to make a system change. You can use a Zeus traffic manager and it stores users and controls with the network and can control where the traffic goes and can do an update as you can use virtualisation to redirect users. You do an update and then move them back.

“There are two key things: you virtualise an entire new session and do an update; and the other is to apply rate limits. It is down to your requirements and you can do a change of shift. Then the new session gets assigned to a new customer, you have taken an application and created a virtual instance.

“We work with a major ticket website that has huge traffic, so they used our technology to form a queuing system to give each user a cookie and use that to track how long they have spent on the website to allow access to a few users a minute. If they allowed everyone on at one time they would be overwhelmed.”

He said that if a large event is announced causing substantial traffic to come to your website and users find that your site does not load they will go to another, but if they are in a queue they will stay.

“You wouldn’t open an event without the domain to keep it going, same with a website, you cannot open a website without a way of controlling the traffic,” he said.