FIX Security

FIX Trading Community is constantly working on the analysis of the challenges in the field of  cybersecurity and on the elicitation of the various security threat scenarios which represent possible strategies a hostile party may employ to disrupt, imitate or change legitimate message traffic between electronic trading counterparties. The FIX Security White Paper was developed as a result of community efforts to incorporate these scenarios. 

FIX Antenna and FIXEdge products follow the recommendations published by FIX Trading Community to address all the current issues and challenges on the front of the  cybersecurity, to satisfy best practices and all the crucial requirements of the industry.

Overall Security Features Supported in FIX Antenna C++/.NET/Java and FIXEdge

Feature

FIX Antenna C++/.NET    FIX Antenna Java   FIXEdge        
Internal static code analysis against buffer overflows and other security breaches Yes Planned   Yes               
Protection from abnormal user behavior (including DDoS attacks) Yes No  Yes              
SSL/TLS with keys management for both initiator and acceptor roles Yes Yes  Yes              
Support for custom encryption algorithms Yes No   Yes               
FIX messages validation Yes Yes  Yes             
Filtering against IP range and ports to be used for connection Yes Yes Partially, filtering against IP only   
Settings for TCP protection No No Yes           

FIX Security White Paper main points and related features/measures implemented/envisaged in FIX Antenna and FIXEdge can be found here.

Regulatory