Step 8 includes setting up the robot on a server, securing it, and testing it without risking money. Your trading robot will be set up on a server. Next, the robot will be forward-tested to demonstrate that it can profit during live trading. During this step no capital is risked. The robot can be set up to run fully automatically, when you click a button, or both. Routine backups of your trading database will be made. When the software is upgraded, it will be updated to your server.
Completing Step 8 helps prove that Step 2, Step 3, Step 5, Step 6, and Step 7 have been completed correctly without risking money. It proves that the day to day operation of the software will be handled automatically. Placing your trading robot on a remote server means you can have the peace of mind knowing that a system administrator can help you with any issues that arise. You will not need to pay a large upfront amount for new hardware or upgrade the software. Since your robot will be on a remote server, you will not have to worry if your Internet connection fails. You will have a distinct advantage over traders that run their trading software from their home computers.
Setup the Robot
Our system administrator will set up your trading robot on a remote server.
The Intrusion Detection System (IDS)
IDS is an active process or device that analyzes system and network activity for unauthorized entry and/or malicious activity. The ultimate aim of the IDS is to catch perpetrators in the act before they do real damage to the system. It protects a your server and trading robot from attack, misuse, and compromise.
Use Security-Enhanced Linux (SELinux)
SELinux is a security module that enforces United States Department of Defense-style mandatory access controls. SELinux confines user programs and system servers access to files and network resources.
Use Iptables
The firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.The firewall uses both stateful and stateless inspections. Stateless firewalls watch network traffic, and restrict or block packets based on source and destination addresses or other static values. They are not 'aware' of traffic patterns or data flows. A stateless firewall uses simple rule-sets that do not account for the possibility that a packet might be received by the firewall 'pretending' to be something you asked for.
Stateful firewalls can watch traffic streams from end to end. They are are aware of communication paths and can implement various IP Security (IPsec) functions such as tunnels and encryption. In technical terms, this means that stateful firewalls can tell what stage a TCP connection is in (open, open sent, synchronized, synchronization acknowledge or established), it can tell if the MTU has changed, whether packets have fragmented etc.
Neither is really superior and there are good arguments for both types of firewalls. Stateless firewalls are typically faster and perform better under heavier traffic loads. Stateful firewalls are better at identifying unauthorized and forged communications. Port monitoring (PSAD). PSAD analyzes the firewall log messages to detect port scans and other suspicious traffic.
Encrypt Communications
Private data and logins are transmitted over SSL. The web interface utilizes HTTP Strict Transport Security. Application passwords are filtered from our log files and encrypted. Pushing and pulling of private data is done over SSH authenticated with keys, not passwords, to help prevent brute force cracking. An additional layer of end to end encryption is also used so that it is safe to transmit over http (when the cerfiticate authorities are unreliable).
Remote Login
Logging of the environment is constant and done remotely to insure in the extreme scenario of a compromise, an after action analysis of the incident will have access to enough data to formulate a solution to prevent a recurrence
Maintain the Server
Another threat to your trading robot is a malfunction of the computer server that hosts it. There are several ways this issue is addressed. The computer server that hosts your trading robot is proactively managed. The software packages that make up the operating system are verified. New security vulnerabilities are handled very quickly. There is also proactive monitoring of capacity limits (CPU, disk, memory, etc).
Automate Backups
The trading robot and data are automatically copied to another server. Backups are done on a daily basis and the files are copied to a different region of the country. You will also be able to easily download both the server and the data to your local computer.
Automate Daily Operations
The trading robot is automated so that the user will not need to monitor it or remember to run it each day. Your robot will be run periodically at fixed times using a software utility called cron. That way, your trading robot will be able to run handsfree – even while you are napping. It is very reliable.
Paper Trade
As part of Step 8, your trading robot will be run without using real money. The robot will react to live trading data while the market is open. In paper trading, your trading robot is fed live market data and 'trades’ against the live data with a simulated portfolio. First, it will prove that the robot works on a daily basis without human assistance. It also gives an opportunity to prove the robot has a profitable trading strategy without risking any investment capital. It verifies that the statistical optimization (Step 5) and risk analysis (Step 6) were completed correctly.
When this step is completed you will receive a report that will be included in the due diligence documents. One report will include the profit (or loss) of the trading system while running in live paper trading mode. Another document will have detailed instructions for setting up and running the robot.
