Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Why Packet Capture is Critical for Financial Services

By Rick Truitt, Vice President, Financial Services, Napatech

Under the current and future global regulatory landscape, firms participating in electronic trading of financial instruments—including proprietary trades, buy-side firms, sell-side institutions and trading venue operators—all face increasingly stringent requirements around the monitoring, capture and storage of electronic order and trade-related data.

Rick Truitt, Vice President, Financial Services, Napatech
Rick Truitt, Vice President, Financial Services, Napatech

From a pure monitoring perspective, firms need high visibility into their order flow, both to monitor performance and to respond to security alerts such as possible breaches. From a regulatory and compliance perspective, they need to be able to capture and store all electronic messages with highly granular timestamps, so that when required to perform forensic analysis into past order and trade history, they can sequentially reconstruct all trading-related events.

In light of such diverse and complicated requirements, how should firms approach the task of building robust solutions that can sort and store so much information? The first step is to capture data on the network. Data (or packet) capture is critical because it is a single source of truth. It provides visibility across the board. Financial services firms cannot rely on a sampling of data; they need 100 percent of the data. It’s how operators and engineers plan network throughput, routing preferences and the path of least resistance for a trade. In short, 100 percent packet capture has become a necessity.


It may be a necessity, but that doesn’t necessarily make it easy. Yes, there are many open source tools available that can help organizations in need of packet capture at low speeds – but trades are conducted at high volume and velocity. In addition, standard network interface cards (NICs) cannot capture all packets at the high speed of today’s trades.

Some financial services firms assume that they can buy the equipment themselves and piece a solution together to save money. However, there are a myriad of challenges optimizing any accelerator card with an appliance; it requires experience and skill that these firms typically lack.

For many financial firms, moving toward a field-programmable gate array (FPGA) solution is a wise choice. FPGA technology supporting FPGA-based network acceleration cards (NACs) is an exciting evolution in integrated circuit design.

FPGA technology provides an advantage in trading. When a trade is made, confirmation is received in a manner of nanoseconds. This is not terribly important for an individual conducting small transactions, but it’s crucial for high-frequency traders or proprietary trading. These high-frequency users need a technology that will stamp the packet when it leaves and when it comes back so they can see how quickly a trade is authorized, as it is very important for traders to be able to see when their trade was confirmed. FPGA allows an egress stamp on a packet.

Another FPGA benefit relates to forensics or post-analysis for security reasons. Sometimes it is necessary to look back in time to investigate an attack, and being able to search within a particular time window is incredibly helpful.

A Closer Look

FPGA technology has enabled the design of very flexible hardware platforms, supporting a broad range of existing and new use cases for the financial services industry, all with an extended lifetime/horizon.

First, it is important to establish what to expect from an FPGA-based NAC. Any FPGA-based NAC hardware platform should support:

  • Ethernet link speeds and types available currently and in the near future, through attractive front port connectivity.
  • Different FPGA size configurations, providing the customer with the right cost/feature ratio options, enabling competitive product offerings.

Historically, FPGA-based NACs have deployed physical layer (PHY) devices in the data path between the FPGA and the Ethernet front port. The discreet silicon PHY device handles the physical layers of the Ethernet protocol stack. However, with the introduction of the latest 20nm FPGA families, the FPGA technology is on par with the current and near-term future Ethernet link speeds, obsoleting the need for the PHY companion devices.

New NAC technology implements a PHY-less, FPGA-based NAC design. This industry-pioneering option to operate two FPGA process nodes on the same hardware platform has been enabled through footprint compatibility from the FPGA vendor. The hardware platform is currently supported by a 2 port 100G feature set and support will shortly be followed by the release of a 2 port 40G feature set.

From a multi-link speed customer perspective, a PHY-less, FPGA-based NAC design offers a number of benefits. It can source many different product variants with the same NAC part number, which reduces the amount of required hardware qualification resources. Its ability to collect volume on one or a few NAC part numbers saves on logistics and cost. An FPGA-based NAC can introduce multi-link speed product variants, eventually handling all major link speeds and types, on the same ports, through dynamic reconfiguration. Finally, it restricts the required knowledge base to one platform. This technology is a vast improvement on previous NAC designs and is bound to take its place in financial services networks around the world.

Important Questions

Financial institutions and trading organizations have important questions to ask as they consider high-speed solutions. They first need to answer in-house questions, including:

  • Will this be a global or local design?
  • Do we need any outsourcing help?
  • What type of support structure do we need?
  • What kind of load will we have across the link?
  • What network speeds are needed?
  • How many appliances are we looking at?

There are also important questions to ask providers.

  • The first is, “How much experience do you have in this industry?” The financial industry is bound by many specific regulations and laws, so experience is important.
  • Because trades need high-speed networks, ask the provider if their solution is able to do 20G write to disk without drops. At lower speeds, 100 percent packet capture is a commodity; not everyone can say the same at high speeds. Also, be sure to ask about scalability. Financial services firms can no longer risk buying equipment and solutions that are not scalable.
  • Ask if the provider has analytics of its own or is compatible with open source analytics. More and more financial services firms do not want these analytics to come on board because they end up costing five to six times more per appliance. In addition, a firm can have the most expensive and extensive analytics available, but if it does not have the underlying platforms to support them, then the data is not accurate –which makes it essentially useless.
  • Finally, ask if the solution will work with third party applications. If not, this could cause serious issues – especially if a firm has proprietary software that only works with company X and cannot integrate with company Y.

The Total Package

High network speed is critical for today’s financial services firms. Regulatory requirements and trading competition demand the fastest and most reliable network possible. Firms cannot afford dropped packets; the network solution must offer total packet capture without a reduction in speed. Use the questions above as guidelines for architecting a system that serves the firm and its customers while meeting all regulations.