Case Study

Trading Venue Availability

Share this Case Study with a friend.

Customer Challenge

Citihub was engaged by a Tier 1 European Equities Venue to conduct an infrastructure availability review of their European Dark Pool platform.

The provider had experienced unplanned outages and needed to identify potential availability risks and single points of failure affecting business systems.

The scope included all underlying infrastructure for matching engines and messaging and external connectivity. The study necessitated a full physical audit of data centre assets, and a full review of network infrastructure and Metro WAN inter-site connectivity.

How Citihub Helped

Citihub’s Application Risk Assurance (ARA) methodology was used to complete the review. This is a holistic, structured, and evidence-based approach covering all factors that affect infrastructure availability. ARA measures infrastructure availability through design reviews and analysing planned and unplanned infrastructure fail-overs.

Citihub’s review found that the infrastructure which was designed for high availability (HA) and fault tolerant capabilities still had a number of high-risk components compromising the HA design. These included: subtle but unintended single points of failure (SPOFs), latent run-time silent configuration errors, placement of HA services on shared frames, DNS issues, EOL hardware issues, and evolving BCP plans and insufficient testing of contingency plans.

Our review identified more than 80 risk items and categorised these as either High, Medium or Low based upon the potential for future impact and the probability of impact occurring. Risk items were also aligned by theme – covering such areas as Strategy and Architecture, Database Design, SPOFs, Operations Models and tools, BCP, and DC and Networking design.

The Client’s infrastructure SMEs reviewed risk items and took required remedial actions.  “Red Hot” items identified as immediate risks to the business were resolved as they were identified, and other High Priority items were remediated through normal infrastructure investment upgrade plans.

Some risk items identified during the ARA were known to the client, but independent verification enabled the client to secure funding for full remediation.

Customer Benefits

Externally verified and validated Dark Pool Infrastructure design

As a result of this review, our client was assured that critical infrastructure was well implemented in practise – all designs were verified or proposed to be verified as part of this review. The client also benefitted from the experience of the Citihub’s consultants who have completed many of these types of reviews – experience, insight and knowledge transfer are key parts of these reviews.

An up-to-date findings Risk Log with prioritised remediations

A key output of this review was a detailed findings Risk Log with prioritised recommendations. This approach allows identified risks to be discussed, reviewed internally, and then, as required, funded and resolved.

Assurance through testing that their Infrastructure performs and is highly available

Citihub’s Application Risk Assurance methodology by design is data-driven, where all evidence about a client’s infrastructure is documented and all findings verified and supported by actual data.  In line with an evidence-based approach to High Availability, we look to see all infrastructure components regularly fail-over tested to give clients the confidence of knowing that their critical infrastructure actually works.

Related Case Studies

Our Insights

see all insights

Learn more about our Services

Application Modernization

Driving the technical, operational and cultural changes required for adoption of cloud native architectures, platforms and services

Application Modernization
read more
read more

Making data accessible, usable, accurate and secure

Data Management
read more
read more

Architecture, design and hands-on engineering of secure and scalable private and public cloud platforms

Cloud Platform Services
read more
read more

Ensuring safety of data and applications in the cloud by integrating security into the heart of developer workflow

Cloud Native Security
read more
read more

Unlocking cloud-based developer productivity through modern, dynamic approaches towards compliance

Continuous Compliance
read more
read more

Implementing modern organizational structures and operating models that transcend traditional silos

Enterprise Transformation
read more
read more

Let's talk about your digital transformation

contact us