Australian FPGA-enabled technology provider Metamako has unveiled a new low-latency firewall solution, designed for the needs of firms that need to perform data packet filtering and logging without introducing a latency burden that would hinder trading activities.
Metamako founder and CTO Dave Snowdon says the vendor is seeing demand from exchanges, banks, trading firms and customers outside the financial industry that need a security layer between themselves and the exchange, or different security layers between their clients.
“They don’t need the heavyweight firewalls. They need something simple that can satisfy their low latency and deterministic requirements,” he says, adding that in fact, many customers don’t use the features provided by heavyweight firewalls, and are instead simply looking for a solution that simply implements a set of rules and ensures that packets are addressed to the right place. “They are not turned on, so the functionality is almost the same.”
The MetaProtect Firewall has a high port density of 48 10-Gigabit Ethernet ports and 32 firewall filters, performs packet filtering in 130 to 155 nanoseconds, and provides logging capabilities for those filters. It offers flexible configuration, including the ability to specify ports that do not need filtering. In those cases, packets pass through the firewall in just five nanoseconds.
Vendor officials say the solution is ideal for situations where a firewall solution is mandatory, and where ultra-low latency and high port density is required. For example, the Korea Exchange requires that brokers must own and manage a firewall between a client’s trading servers and the exchange. This became a concern for trading participants due to the latency penalty the requirement introduces.
“There has to be a firewall between that gateway and between third parties, which protects the gateway against potentially malicious acts,” Snowdon says, adding that MetaProtect has helped brokers to improve that exchange-facing architecture.
MetaProtect took about nine months to build, in parallel with other projects—though the vendor was able to reuse code used in previous infrastructure projects—and has spent two months in testing with several clients, he says.
The founder and CEO of Imperative Execution looks at how trade execution is changing and what that means for the buy side.Subscribe to Weekly Wrap emails