by Anya Aratovskaya
Businesses like to brag about system uptime of 99.9999% but this is only a tip of the technical infrastructure iceberg. In this article I will go over the most frequent hosting, and administrative mistakes that can cost FX Brokers tens of thousands of dollars as well as untold reputational damage.
The bad news is that the vast majority of these errors are simply human and can be easily prevented if these FX Brokers follow the industry standard practices. Since Financial Institutions rely heavily on the quality of hosting and network infrastructures, working with professionals is key here.
Here are the top 7 mistakes FX Brokers make:
1. Absence of a Disaster Recovery Plan
Basic, Simple, and so often completely ignored. A plan can be set up internally or a third party can be used (DRaaS model)
●Identify the roles of Key Employees (and ways to contact) and set Communication Plan
●Hardware and Software Inventory (by level of importance: Critical, Important, etc.)
●Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
●Disaster Response Procedures
Ideally run a disaster recovery drill and training sessions for the employees.
2. Updating Live Servers During active trading hours
Aside from CPU (aka the memory load of your server) monitoring, hosting providers and admins are often responsible for managing trading server restarts.
Some trading platforms require a restart upon new group creation or a new plugin installation that have to be done at a particular time to avoid service interruption (ideally EOD on Fridays).
I’ve seen cases of mid-week server restarts that triggered a chain of other server updates that ultimately led to a 2- hour long system downtime and thousands of messed up orders.
3. Poor Management of Network Bandwidth
Bandwidth measures how much data can be delivered over a network at any given time. That setting is critical for the server performance during major news announcements or highly volatile times. It also serves as a good protection against DDOS attacks that overwhelm servers with access requests.
The industry standard is to have at least 10Mbps burstable bandwidth, and hosting providers will typically charge you extra per everything over that.
Example of providers for connectivity: Amazon Web Services, Lucera, Colt PrizmNet, Equinix.
4. Not hiding your main (LIVE) trading server IP
DDoS is quite common in the financial world and can seriously disturb business. You should not host your Main Trade Server and Access Server on the same machine.
5. Lack of Access Points
An Access point is a Virtual Machine with its own unique IP that directs traffic to your main server. FX Brokerages usually have numerous Access Points that form an Access Points Network (preferably with different hosting service providers). They act as a firewall to the platform (antiflood control, auto failover etc.). Some may think that Access Points slow down the connection between the main server and clients but that is not true. In fact, they accelerate it when set up properly at locations that are optimal for your clients.
Mesh VPN Network will work perfectly for that purpose as it provides the lowest latency between locations without expensive private links. Just make sure to check traffic charges.
6. Not having a 3rd Party DDoS protection service
Just having Access servers is not enough, typically FX Brokers have a third party DDOs protection service to filter bad traffic.
What to look for in a good firewall:
●Rule-based packet filtering that supports TCP, UDP, and ICMP protocols
●High availability and redundancy (hardware, network links, power feed)
●Protection from unwanted traffic
Note that some newer platforms have built-in protection in place (MetaTrader 5 is a good example, as it has a built-in Firewall, you can block/permit/permit always IPs)
Examples of third Party providers recommended by MetaQuotes are: Akamai, Cloudflare, Qrator Labs.
7. Not paying vendors on time
Internal Inventory of Vendors with Invoices and Due Dates should be on your accounts payable calendar. Also, extra bandwidth or traffic charges need be monitored. With proper oversight, extra charges related to hosting or network can be prevented or negotiated prior to unexpected bills.
Surprising service disconnections are more common that one may think, for the FX Industry in particular, and invoice management should be looked at as an important task.
Other less common mistakes:
● not changing default ports
● not monitoring platform updates and not checking servers after updates
● overloading VPSs (often the case for startup MT4 Brokers that don’t keep track of VPS CPU)
● missing out on cross-connects to Liquidity Providers
● not adding IP filters for MT4/MT5 Manager Users
● not regularly checking if the Backup server is connected and synchronizing
● not doing regular export of the settings via Admin Terminal
● not doing regular check for errors and flooding EAs
● not having a limit on pending and open orders
● not monitoring employees’ accesses to the critical elements of IT infrastructure
● not scheduling an audit of your existing IT set up
If you are an FX Brokerage owner, Dealer, or IT Manager, here is your ultimate Hosting and Admin Checklist. Download it HERE.