This document discusses how cloud computing provides benefits for disaster recovery of securities exchanges. It notes that regulated exchanges must have a disaster recovery site and plan to restore trading if their primary market becomes unavailable due to natural disasters or other events. The International Securities Exchange (ISE) developed a cloud-based disaster recovery solution using Amazon Web Services that provides availability, operability, efficiency, security, velocity, elasticity and agility. This solution allows ISE to automatically "light up" a disaster recovery environment in the cloud as needed, reducing costs compared to traditional on-premise infrastructure. The cloud-based approach provides security, scalability, automation, and is cloud agnostic.
1. However, if technology were interrupted by natural disasters or other events,
there could be a devastating impact on investors and market participants.
ISE IS THE FIRST REGULATED EXCHANGE TO LEVERAGE
THE CLOUD TO RUN PRODUCTION DISASTER RECOVERY
INFRASTRUCTURE WITH CONFIDENCE THAT THE
ENVIRONMENT IS SECURE, SCALABLE, AUTOMATED
AND CLOUD AGNOSTIC.
Modern securities markets rely heavily on technology and automated
systems to run as planned.
2001
September 11 attacks
2003
Northeast blackouts
2005
Hurricane Katrina
2011
Japan Tsunami
2012
Hurricane Sandy
2008
Sichuan earthquake
RECENT DISASTERS
THE SECURITIES EXCHANGES AND SEC REALIZE
THAT REDUNDANCY IS CRITICAL TO ENSURE
MARKETS ARE AVAILABLE IN CASE OF DISASTER.
Regulated exchanges must have
a disaster recovery site and plan
to restore trading if their primary
market is not available.
Exchanges must increase
geographical diversification
of their primary and disaster
recovery data centers.
ISE saw this new requirement as an opportunity to pursue a
non-traditional disaster recovery solution that would also achieve:
Availability OperabilityEfficiency Security Velocity Elasticity Agility
Cloud computing, or the practice of using a network of remote servers hosted
on the Internet to store, manage, and process data, is the next step in the
evolution of computing.
Now that the cloud has developed into a robust solution, companies have
become comfortable with SAAS solutions and leveraging IAAS for services
that are mission critical.
Cloud Computing
WHY IS THE TIME RIGHT
The cloud holds multiple benefits to ISE and its Customers.
ISE
Customers
MAINFRAME
DECENTRALIZED COMPUTING
CLOUD DATA CENTER
Disaster Recovery Exchange
IN THE CLOUD
Enables ISE to deliver services across multiple geographic regions.
Granular control and transparent reporting of cloud spend.
Seamlessly scales to meet business needs.
Allows resources to focus on functionality rather than infrastructure.
Security built in, using read-only Operating System and minimal
application footprint by leveraging containers.
Improved time to market (no more procuring of equipment).
Virtual Private Clouds provide trusted workspaces that cross
organizational boundaries.
How will ISE operate the Anywhere Exchange?
Fully automated ability to ‘lightup’ disaster recovery
environment allows ISE to build out containers only
when needed, reducing costs.
Services are tied to the Pacific Northwest region
ensuring over 500 mile geographic diversity and that
data does not make its way out of the US.
Containerization reduces security attack vectors
as well as allows ISE to move services between
hardware with minimal disruption to the application.
Automation is easily adjusted to scale out the
disaster recovery exchange or leverage environment
for other testing purposes.
Systems leverage two factor authentication in combination
with an identity access management system to ensure access
is limited to authorized personnel and enforce boundaries.
Security is a Priority
Security was a major priority for the implementation of this system.
These concerns were addressed by leveraging a read-only operating system
called CoreOS, as well as Containers.
ISE worked directly with the Centre for Internet Security (CIS)
to help build recent security benchmarks.
Additional security precautions:
How does the cloud compare to the traditional
approach to an infrastructure build out?
ON PREMISE model CLOUD
upfront licenses fees
upfront hardware costs
slow time to market
large upfront cost
to experiment
pay as you go
pay as you go
on demand
pay only what
you utilize
CoreOS requires minimal
maintenance as patches
are updated regularly and
automatically.
Containers minimize the
application footprint and
provide isolation.
Private
Registry
Disaster Readiness
in the Cloud
Leading technology innovation into the Cloud
With these benefits, ISE saw the potential to
build its disaster recovery system using the cloud
and worked with Amazon Web Services (AWS).
Primary Systems
- in-house or local data center
THE CLOUD OPPORTUNITY
EXCHANGE ECOSYSTEM
Backup Systems
- mirrors primary system
- “hot” solution for immediate failover
- typically same physical location as primary D.C.
Disaster Recovery
- activated if primary & backup system are not available
- geographic separation from primary and backup
CoreOS
Quay
Weave
Terraform
Duo mobile
Github
Two factor
authentication
Social
Coding
Ability to process high
volume multicast feeds in
cloud environment
Safe Automatic
updates
Ability to build
cloud agnostic
solution
Physical Cloud Opportunity
Proprietary Market
Data Proxy