CBA details NetBank battle plan

Commonwealth Bank of Australia has had a rough couple of days; with high levels of traffic forcing it to take its internet banking service down at times. But what was really going on behind the scenes?

Michael Harte
(Credit: ZDNet.com.au)

According to the bank's chief information officer Michael Harte, one of the issues was that many of its customers were attempting to get their end of financial year processing done. "Our firewalls were flooded with volume," Harte told ZDNet.com.au this afternoon.

Today, according to Harte, the bank had already seen its normal customer traffic, around 1.2 million separate logins, by around 3:30pm. "We were able to process a record number of transactions," he said. At 9:19 this morning, there were 18,700 concurrent users, 15 per cent above the bank's normal load, a situation Harte described as "success in scale".

But that wasn't the whole story; as the levels of traffic were quite unusual; normally the bank's highest traffic days are Easter and Christmas.

The bank also saw a higher percentage of traffic which it wasn't sure was bona fide. It quickly took steps to quarantine what it believed could be network nasties. "We had to see if it was malicious or not," Harte said.

The end result was that the bank had a scheduled outage. "At three different points we had to take the systems down," Harte said. However, contrary to the popular belief NetBank had been overwhelmed, Harte stressed these were planned actions. He said the system was up and running by 5:30pm yesterday and that it had not needed to be taken down today. As for security breaches, Harte said with confidence there were "none whatsoever".

Over all, we have to keep a trusted environment

CBA CIO Michael Harte

The CIO said that the bank would try to ascertain where the suspicious traffic had come from, but that it hadn't concluded its investigation yet. "You can never be 100 per cent sure where it's come from. Better to quarantine it," he said.

Harte regretted the necessity of taking the system down, but said it was in the best interests of the bank's users. "Over all, we have to keep a trusted environment," he said.

Going forward, CBA will continue to work to minimise occasions where the site has to be taken down via further work into autonomic provisioning to handle peaks and better methods of identifying users who come to the site often.

"You've at least identified them before and from that they're authenticated users," Harte said.

• Related stories

• Alerts

Add your opinion

"Not ... Taken Down Today" Anonymous -- 30/06/09

If the site wasn't taken down today, why was it not found when I tried to logon several times this afternoon?

• Reply to comment
• Reply to story
• Report offensive content

most likely gladiamnotwithnetbank -- 30/06/09

it is most likely that netbank can't cope with the high volume of traffic with end of financial year. What is interesting is it seems they have no mechanism to throttle incoming traffic, other than pulling the plug on the whole platform....oh well, might want to check on the NFRs. Just makes you wonder what else might be missing???

• Reply to comment
• Reply to story
• Report offensive content

What about the messed up transactions? Anonymous -- 01/07/09

Don't simply "view account" for a statement because many transactions are incorrect - wrong amounts for example. You need to use the search feature to get an accurate statement.

• Reply to comment
• Reply to story
• Report offensive content

Bad design Anonymous -- 01/07/09

The Bank should stop blaming phishing ad DOS attacks and admit that it's their crap database design that's the issue. The Bank's technology people are retards and continue to prove it by the outcomes they get. Netbank crashes, Core Banking off the rails, Peoplesoft issues, major data wharehouse issues and the list goes on forever.

• Reply to comment
• Reply to story
• Report offensive content

Ralph Ralph -- 01/07/09

"a scheduled outage"
on the last day of the FY? bollocks!

and
"15 per cent above the bank's normal load", a situation Harte described as "success in scale".
but Christmas and easter were taken in their stride ?

and the missing transaction details for June ?

• Reply to comment
• Reply to story
• Report offensive content

The definition of "scheduled" David Havyatt -- 01/07/09 (in reply to #320146793)

I think the CBA CIO is using "scheduled" outage in the sense of "not an unscheduled outage". Yes he means they turned it off rather than it crashed. It was scheduled - like - a minute before it occurred.

• Reply to comment
• Report offensive content

Offshoring of their IT Anonymous -- 01/07/09

All these outages have been gathering pace ever since CBA decided to offshore their IT in a feeble attempt to cut costs.

Coincidence? I think not.

• Reply to comment
• Reply to story
• Report offensive content

What a load of Rubbish DOS Anonymous -- 01/07/09

Just looking at my Netbank transation, I have a few from the last few days and then it jumps to March transactions, incorrect data is not a the result of a Denial of Service attack, sounds like they have had a complete meltdown in their systems, behind the firewall, the transactional data looks stuffed.

I wonder if the concurrent user increase were all those continuing to re-log in.

• Reply to comment
• Reply to story
• Report offensive content

CBA Netbank - CBA shirks responsibility Anonymous -- 01/07/09

CBA is shirking its responsibility to its customers and to the community by its addiction to outsourcing.
Are decisions made to outsource being made in the best interest of customers and the community?
Howard Morris, Group CIO in the late 90's, was a key supporter of the multi-billion dollar deal to outsource 1000's of IT jobs to EDS. Within a few months Howard was working at EDS.
It goes both ways of course, Dave Curran joined CBA and brought Accenture in to manage the Core Banking Modernisation program, Accenture getting the lions share of the $580million deal to implement SAP Banking.
More recently CBA awarded a huge contract to HCL and TCS, two large Indian outsourcers, to undertake application development and maintenance.
As CBA's executives, incentivised by bonuses based on how much cost reduction they can achieve, send more Australian jobs to Indian and other overseas companies they also wash their hands of responsibility for the customer experience.
The Banks has now outsourced so much of its infrastructure to overseas companies that they are no longer able to effectively manage or secure their systems.
Customers bear the brunt of this, as do the workers but at least the shareholders are happy (so we are told). More importantly the senior Executives are happy!

• Reply to comment
• Reply to story
• Report offensive content

18,700 concurrent customers Anonymous -- 01/07/09

Hmmmmmm!

Doesn't CBA have 8 million or so customers in Australia?

Michael Harte is pleased with being able to handle a miserly 18000 at any one time?

Go figure! Pathetic that the biggest Bank in Australia aims so low in its attempt to provide service excellence to its customers.

Whats going to happen as CBA develop their business in India and Indonesia, consider the populations in those countries. CBA and Australia are going to be the laughing stock of Asia!

• Reply to comment
• Reply to story
• Report offensive content

a trusted environment???? Anonymous -- 01/07/09

What does Harte mean by a trusted environment?
Over the past year Netbank has failed on many occasions!
Remember on the 1st Sept last year this report in ZDNET "For the second time in a fortnight, the Commonwealth Bank of Australia's Internet banking service is unavailable due to "technical difficulties".
In December ZDNET reported that "Rudd's $10bn gives NetBank heebie-jeebies
CommBank's systems fell over yesterday while Australia's largest bank was preparing its infrastructure for Rudd's $10.4 billion fiscal injection, which is set to hit bank accounts next week."

I for one do not trust Netbank to be there when I need it and I find it very difficult to trust Netbank to safely process my payments!

Remember the huge payments debacle last November "The Commonwealth Bank of Australia has confirmed that a technical glitch has impacted up to 200,000 customers over the past few days.

In a statement issued today, the bank apologised to customers, who had suffered deposit and withdrawal duplications resulting from a "processing problem"."

It just goes on and on and all the time more Australians, who actually care about the quality of the work they do, are thrown out of work as the bank outsources more and more jobs to foreign companies who dont care about providing good service to Australians , they only care about what they have to do contractually, which they do at the lowest possible cost!!!!!
Doesnt matter though because all the top managers in the bank are happy as they get bonuses based on lowering costs and cutting jobs!

• Reply to comment
• Reply to story
• Report offensive content

Commnetbank down Peter Shapcott -- 02/07/09

Yes it was down in the morning but I had no trouble a couple of hours later all work fine.

I do have a problem with the way they have cut interest rates. From 3.5% to .02% That was $130.00 to $1.25 per month not quite the the Gov adjustment.

• Reply to comment
• Reply to story
• Report offensive content

• Just In

• Most Popular

• Most Discussed

Reader Services

Popular Topics

Essentials