Optimising Deriv's trading platforms with AWS Global Accelerator

Delivering lightning-fast trading experiences to our global clients is paramount to our mission. Every millisecond counts in trading, and as Deriv serves traders worldwide, we must ensure our platforms maintain optimal performance, availability, and security. Here's how we leveraged AWS Global Accelerator to enhance our trading infrastructure and provide seamless experiences for our clients.

Why we chose Global Accelerator

Our trading platforms handle millions of transactions daily, with clients executing trades in real time across different time zones. Any delay or downtime can significantly impact our traders' activities. We implemented AWS Global Accelerator to optimise our network routing and ensure high availability across our services.

How Global Accelerator transformed our infrastructure

We achieved three key improvements in our trading infrastructure:

1. Lower latency: Global Accelerator automatically routes our users to the nearest healthy endpoint, minimising delays in order placement and market data reception. AWS's global network infrastructure optimises traffic flow, helping us achieve the lowest possible latency for our trading environment.
   
   
2. Enhanced availability and failover: Trading doesn't stop, and neither can we. Global Accelerator's ability to reroute traffic during outages ensures uninterrupted platform access. If one region becomes unavailable, users are automatically directed to an alternative location, maintaining service continuity.
   
   
3. Improved global reach: With clients spanning multiple continents, we leverage AWS's global network to provide robust connectivity across regions. This ensures our traders can access our platforms with optimal speed, regardless of their location.

Setting up our global infrastructure

To serve our diverse client base, we've established multiple entry points worldwide to handle user traffic efficiently. Our infrastructure includes various services such as market data delivery, trading engines, and authentication systems. Here's how we structured our implementation:

1. Global endpoints: We've strategically placed endpoints across regions including Africa, North America, Europe, and Asia. This setup ensures our traders connect to the nearest data centre for faster trade execution. We use Global Accelerator to monitor these endpoints' health and dynamically adjust traffic routes based on performance metrics.
   
   A key improvement we made was deploying specific endpoints in regions like South Africa to serve our local clients better. This reduced latency by minimising intercontinental hops while maintaining the optimised paths provided by AWS's internal routing.
   

2. Load balancing implementation: Our platform uses Global Accelerator to manage traffic through static IP addresses, which remain consistent even when we need to reroute traffic between regions. This approach has simplified our global IP structure while making our platform more resilient to regional outages.

Securing our global infrastructure with AWS Global Accelerator

As a regulated financial services provider, security is our top priority. We've implemented several layers of protection using AWS Global Accelerator alongside other security services:

1. Minimising internet exposure: We reduced our use of Elastic IPs in favour of UniCast IPs through Global Accelerator, helping shield our critical infrastructure from direct internet traffic. This configuration provides an additional security layer while maintaining optimal performance for our traders.

2. Protection against DDoS attacks: Our trading platforms require robust protection against potential threats. Global Accelerator comes integrated with AWS Shield as the first line of defence against DDOS. This setup helps us detect and mitigate threats before they can impact our traders' activities.

3. Enhanced security measures: We've implemented Web Application Firewall (WAF) alongside Global Accelerator to protect against common web exploits. All data transmitted between our traders and endpoints is encrypted, ensuring compliance with financial regulations and maintaining the integrity of our users' trading activities.

Measuring AWS Global Accelerator's impact on our platform performance

Since implementing AWS Global Accelerator, we've seen significant improvements in our platform's performance:

• Reduced latency across regions, particularly benefiting our traders in areas previously affected by higher latency
• Improved platform stability with near-zero downtime
• Enhanced global accessibility with consistent performance across continents
• Better monitoring capabilities through AWS Internet Monitor, allowing us to proactively address potential ISP-related issues in different countries
• We use AWS Internet Monitor to identify and resolve potential performance issues with specific ISPs in different countries, ensuring optimal trading conditions for our clients regardless of their location.

Building resilient trading infrastructure: Our next steps with AWS Global Accelerator

Our implementation of AWS Global Accelerator represents a significant step forward in our mission to provide world-class trading experiences. As we continue to grow and serve more traders globally, this infrastructure allows us to maintain the high performance and reliability our clients expect.

We maintain round-the-clock operations to support our global traders across all time zones. Through Global Accelerator, we ensure swift and reliable trade execution wherever our clients are based. As we continue to evolve our technology stack, we focus on implementing solutions that make a real difference to our traders’ experience and strengthen our position as a leading online trading platform.

‍

Authored by

Basel Mohmmad - WinOps Operations Team Lead, Andrew Spiteri - WinOps Development Team Lead