TradAir is a leading provider of front office optimization solutions that grant financial institutions the ability to create new revenue layers and reduce costs. Offering an end-to-end trading infrastructure, TradAir’s products range from price creation and optimized trading solutions to performing dynamic distribution.
TradAir’s all encompassing suite of products leverage the latest technology and standards in the cloud and HTML5, creating a highly flexible offering that seamlessly integrates with existing components and provides the fastest time to market. With offices in London, New York and Tel Aviv, TradAir continuously enhances new and existing client relationships with speedy, tailor made, and secure application delivery.
TradAir’s unique system is unlike a typical web scale platform for public online services. As mentioned above, this is due to the fact that the company’s customers are large traditional financial institutions that are under strict security and compliance regulations. There needs to be a clear separation between their IT environments so as to keep their network and data secure. In order to adhere to regulatory compliance requirements and guarantee an SLA, continuous data backups and monitoring are a must along with transaction and audit log archives.
AWS equipped TradAir with a great jumping off point, complying to strict financial regulations. TradAir and AllCloud leveraged AWS Direct Connect to create a private tunnel that they use to connect directly between the Equinix bridge site and TradAir’s isolated AWS VPC (Virtual Private Cloud) network.
Access and Network Security
AllCloud helped TradAir leverage multiple AWS security building blocks, including AWS Identity and Access Management (IAM), AWS Multi-Factor Authentication (MFA) and Dome9’s network security solution. These enabled network segregation within TradAir’s production environment as well as isolation from the development and test environments.
By leveraging AllCloud’s around the clock SLA management service, TradAir has maintained complete transparency into their environment, which includes maintaining, auditing and automatically tracking all provisioned cloud resources. Together with AllCloud, TradAir’s IT team has managed to implement and comply with security policies for deployment, logging and auditing.
In addition to access and network security, by utilizing AllCloud’s ‘DevOps Central’ management platform, all instances and databases (AWS RDS) fall under scheduled automatic snapshot mechanisms. AWS EC2 instance images are automatically generated and data assets are automatically archived as AWS S3 objects across multiple Availability Zones.
TradAir’s competitive edge lies in their ability to retrieve market data with reduced latency, allowing their users to react to market changes in real-time. The basic flow of a single TradAir user request begins with a market analysis that results in sending the request to dozens of LPs. User requests are then analyzed and, if needed, re-issued to make sure that the best price is readily available.
TradAir’s system needs to perform in sub-milliseconds; transactions that take longer will result in a direct loss of customers. In addition, the system is connected to multiple LPs and receives hundreds of kilobytes per second of market price updates. At that pace, it is challenging to identify a glitch in the network in real-time.
As mentioned above, TradAir deployed their bridge site in Equinix LD4 to be as close as possible to the LP servers. Both sites are connected using AWS Direct Connect. The servers in the bridge site hold very light weight agents that send data to the AWS site for immediate processing. Direct Connect, which is generally much faster than any Layer 3 IP connection, supports TradAir’s need to respond in near real-time.
Network Enhanced Instances
In addition, TradAir uses HVM AMIs, the most recent type of EC2 instance. HVM AMIs provide operating systems the access they need to native hardware platforms in order to send instructions to specific network and GPU devices. As a result, they are needed for improved GPU processing and heightened networking capabilities.
Monitoring Connectivity and Performance
In order to get real-time notifications about network issues, TradAir’s IT team and AllCloud’s experts created a sophisticated mechanism that monitors the connectivity of the data stream to and from the LPs. In case of an event, such as a market price update anomaly, the system tries to automatically reconnect and reinitiate the data stream. In addition, a notification is generated to the operations team to inspect the issue. Events logs are then generated and stored within a dedicated data store for fast data processing and support at minimal response times.