The FIX Trading Community is constantly working on the analysis of the challenges in the field of cybersecurity and on the elicitation of the various security threat scenarios that represent possible strategies a hostile party may employ to disrupt, imitate or change legitimate message traffic between electronic trading counterparties. The FIX Security White Paper was developed as a result of community efforts to incorporate these scenarios.
The FIX Antenna and FIXEdge products follow the recommendations published by FIX Trading Community to address all the current issues and challenges on the cybersecurity front to satisfy best practices and all the crucial requirements of the industry.
Overall Security Features Supported in FIX Antenna C++/.NET/Java and FIXEdge/FIXEdge Java
| Feature | FIX Antenna C++/.NET | FIXEdge Java/FIX Antenna Java | FIXEdge |
|---|---|---|---|
| Internal static code analysis against buffer overflows and other security breaches |  |
|
|
| Protection from abnormal user behavior (including DDoS attacks) | |
|
|
| SSL/TLS with keys management for both initiator and acceptor roles | |
|
|
| Support for custom encryption algorithms | |
|
|
| FIX message validation | |
|
|
| Filtering against IP range and ports to be used for connection | |
|
Partially, filtering against IP only |
| Settings for TCP protection | |
FIX Security White Paper main points and related features/measures implemented/envisaged in FIX Antenna and FIXEdge can be found here.