Versions Compared

Old Version 2

changes.mady.by.user CME Group

Saved on

compared with

New Version Current

changes.mady.by.user CME Group

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

For details regarding messaging or the MDP application, see CME Globex Market Data and Streamlined Market Data Cold Storage.

Connecting to the CME Market Data Platform

CME MDP uses a VPN-based environment to provide connectivity over the Internet. To establish VPN connectivity, Internet Protocol Security (IPSec) and Generic Routing Encapsulation (GRE) must be configured to connect and review multicast traffic from CME MDP systems.

...

Figure: Single VPN Connection between CME and Customer Site

Protection and Transport Methods for Customer-CME Connectivity

The VPN connection implemented jointly by CME and participating customers meets the following protection and transport requirements:

  • Maintain the confidentiality and integrity of the packet contents (message data)
  • Transport multicast and broadcast packets

Protecting Connection Path

A VPN connection path is created using IPSec, the Internet standard protocol for tunneling, encryption, and authentication. It protects data traffic by addressing basic usage issues, including:

...

To build the IPSec tunnel to the CME Group environment, CME Group and the client system send each other their respective device IP addresses. CME Group and the client system then configure the peer IP address information so that each network can establish a VPN connection with the unique IP address of the peer device. To achieve this, the hub and all of the spoke routers in this network must have static, non-private, Internet-routable IP addresses.

Protecting Data Content

CME Group uses a pre-shared key (PSK) to authenticate the devices at each endpoint of the tunnel. The customer receives the PSK to authenticate the CME device and complete the tunnel. Once each network successfully authenticates the peer device, the tunnel is ready to transport packets.

Transporting Multicast and Broadcast Packets

Although the IPSec tunnel may be established and the data encryption is available through IPSec, a final step must occur before the actual physical transport of the data. IPSec, as supported by Cisco routers, does not support the transport of multicast packets.

...

Figure: GRE Tunnel within IPSec Tunnel

MDP Production and Replay Channel Definitions

CME Globex Market Data Platform Production and Replay channel definitions are provided in the market data configuration file. Refer to MDP 3.0 - FTP and SFTP Site Information for information on accessing the file via the FTP site.

...