that the cost of failing with one customer can be multiplied hundreds if not thousands of times in minutes. Cost of Downtime After all this talk of the issues surrounding availability, it becomes clear that the cost of downtime is high. This cost is incurred regardless of why the e-commerce site is down. It could be hardware or software failure, a hacker causing a denial-of-service attack, or simple equipment maintenance. The cost of downtime can be measured by taking the average number of transactions over a period of time and the revenue of the average transaction. However, this may not identify the total cost as there may be potential customers who do not even visit the site due to a report from a friend or online acquaintance. For this reason, each e-commerce site should be architected to remove single points of failure. Each e-commerce site should also have procedures for updating hardware and software that allow the site to continue operation while the systems are updated. Solving the Availability Problem We have discussed a lot of availability issues, but how can they be solved? The short answer is that they can’t. There is no way to completely guarantee the availability of the e-commerce site. That said, there are things that can be done to manage the risk of the site being unavailable. Before any of these management solutions can be implemented, you must decide how much the availability of the site is worth. Fail-over and recovery solutions can get expensive very quickly and the organization needs to understand the cost of the site being unavailable before an appropriate solution can be designed and implemented. The way to reduce downtime is redundancy. We start with the communications system. If you look back at Module 16, we talked about several Internet architectures. At the very least, the Internet architecture for an e-commerce site should have two connections to an ISP. For large sites, multiple ISPs and even multiple facilities may be required. Computer systems will house the e-commerce Web server, the application software, and the database server. Each of these systems is a single point of failure. If the availability P:\010Comp\Begin8\957-8\ch17.vp Monday, May 12, 2003 12:13:14 PM Color profile: Generic CMYK printer profile Composite Default screen
of the site is important, each of these systems should be redundant. For sites that expect large amounts of traffic, load-balancing application layer switches can be used in front of the Web servers to hide single failures from the customers. When fail-over systems are considered, don’t forget network infrastructure components such as firewalls, routers, and switches. Each of these may provide single points of failure in the network that can easily bring down a site. These components must also be configured to fail-over if high availability is required.
- Fall '17