User Help System

 

 

Secure File Transfer Management

CME offers Secure File Transfer Protocol (SFTP), a file transfer protocol service that uses the SSH protocol and public / private key authentication to securely transfer data to / from CME Group and customers. With this technology offering, data within directories is also secured.

Firm designated Back-Office Admin Managers (AM) are assigned the responsibility for managing SFTP IDs and granting permission to additional individuals to create and manage SFTP IDs; by submitting a registration form or using self-service application functions.

Request Access

ClosedBrokerTec Report Setup Process
  1. Entity registers for SFTP and designates the AM.
  1. CME Group creates a SFTP account for the entity, then notifies the AM.

Prior to permissions assignment, users must have a valid CME Group Login; and an activation token.

  1. The AM accesses SFTP Management to authorize individuals at their firm to create and manage SFTP IDs.
  2. An authorized user can access SFTP Management and creates SFTP IDs.
  3. An authorized user can add a SSH Key to encrypt the SFTP ID login.
  • Specify the public key that CME Group will use to send encrypted files to your directories.
  • Obtain the public key to send encrypted files to CME Group.
ClosedEBS Report Setup Process

To request EBS report access:

  1. CME Group Login: Users must create or use an existing CME Group Login to register for EBS reporting services and application access to EREP / SFTP / Request Center.

For application access requests, users provide their existing CME Group Login ID and secure token to their entity administrator.

Note: CME Group or entity administrators will never ask for your password.

  1. Contact Global Account Management (GAM): CME Group offers a suite of tools to help customers manage registration and on-boarding to applications and services. To get started with self-service solutions and obtain the CME Customer Center Self-Service form, contact GAM.
  1. Submit Self-Service Form: Submit the completed CME Customer Center Self-Service form to GAM.

The self-service form is completed by the Entity Officer who identifies back office admin manager(s) that are responsible for system administration, user entitlements and application restrictions. The back office admin manager is responsible for administration of applications or assignment of privileges to additional user(s) and approving self (Request Center) service requests submitted by entity users.

  1. Submit EBS EREP and SFTP Report and Billing Registration Form(s):

For additional setup details, including reports associated with each form, refer to EBS Reporting.

Functions

SFTP Management

The SFTP Management function is used to assign and edit user permissions to create and manage SFTP IDs.

Responsibility for the function is initially assigned to a firm designated AM, who grants permission for additional individuals to create and manage SFTP IDs.

  • To Access SFTP Management:
  1. Select the User icon > My Profile.

  1. From the My Account menu, select SFTP Management.

Note: The availability of this page is determined by assigned user entitlements.

  1. View Details
  2. Remove Account Access
  3. Remove All Access
  4. Permission New User

Manage User Permissions

Firm designated back office admin managers can assign permissions to additional firm users.

Prior to adding a new user, request their CME Group Login ID and token, which is used to identify the user.

ClosedAssign User Permission

Before users can manage SFTP functions, a Back Office Admin Manager must assign permissions to create and manage SFTP IDs.

  • To assign user permission:
  1. Navigate to the SFTP Management function.
  1. From the SFTP Management page, select Permission New User.
  1. From the Permissions User for SFTP ID Creation screen, specify user information.
  • User: Users must have a valid CME Group Login and token

To obtain a temporary token, users must access CME Group Login > My Profile to generate a token, then provide to the AM.

  • Account Type: Clearing, Regulatory, Trade Repository, Billing Group, etc
  • Entity: Assigns SFTP management permission to the specified entity and account combination.
  1. To finalize permission assignment, select Submit, then confirm the password dialog (to validate your entitlement to assign this permission).

My SFTP IDs

Appears for users authorized by the firm's back office admin manager to create, claim and manage SFTP IDs.

ClosedCreating SFTP ID

The following procedures illustrate the process to create a SFTP ID for a given entity, account type and account:

  • To Create a SFTP ID:
  1. From the My SFTP IDs screen, select Create SFTP ID.

  1. On the screen that appears, specify SFTP ID Details.
  • Account Details

  • Account Type: Select Clearing, Regulatory, Trade Repository, Billing Group, Owner Group, etc
  • Entity
  • Account Name: Up to 50 alphanumeric (A to Z, and 0 to 9) characters and unique at the entity
  1. Select a secure authentication / encryption option, using SSH and / or PGP.
  • Authentication Details: SSH Key - This optional setting is used for secure authentication.

Enter a valid SSH Public Key (RFC4716 compatible format).

Note: When selecting Yes, a link to an external website appears (Internet Engineering Task Force) with additional information on the SSH protocol.

  • Encryption Details: PGP Public Key - Copy and paste a valid PGP public key, you previously generated for CME Group to encrypt reports and data prior to sending to your directories.

Note: A SFTP ID can be created without a PGP public key, but cannot be activated until PGP Encryption Details are setup.

  1. After setting up encryption, select Submit, then complete multi-factor authentication to verify your identity and secure authentication details.
  1. Select Generate Password to create a system generated password that complies with CME Group password security requirements (24 character alphanumeric).
  1. Select Copy () to store the system generated password in a secure location / file.

  1. After creating the SFTP ID, select Close.

The SFTP Management page updates to include the newly added ID.

ClosedAdding SSH encryption

The following instructions illustrate the process to add Secure Shell Key (SSH) encryption for a SFTP ID authentication. SSH encryption provides enhanced security for files transfers that currently use default User ID and Password authentication.

  • To Add a SSH Key:
  1. Select the User icon > My Profile.

  1. From the My Account menu, select SFTP Management.

  1. Select the SSH icon () for the SFTP ID to manage.

  1. On the dialog that appears enter a valid (RFC4716 format) SSH Public Key, then select Submit.

A security code is sent to the mobile phone number registered to the Profile.

  1. Enter the code, then select Submit.

ClosedClaiming SFTP ID

Use the Claim SFTP ID function when the user that manages a SFTP ID is no longer with a firm but data is sent / received via the ID.

Prior to claiming a SFTP ID, ensure the claiming user is associated with same entity as the ID as the AM or authorized user.

Note: To assign permissions to claim a SFTP ID, view Manage User Permissions.

  • To Claim a SFTP ID:
  1. From the My SFTP IDs screen, select Claim SFTP ID.

  1. On the screen that appears enter the SFTP ID to claim and associated Password, then select Submit.

A confirmation dialog appears, indicating success or failure.

ClosedTransferring SFTP ID to a New User

Registered (Back Office) Admin Managers can transfer SFTP IDs from other users at their firm to recipients at the same firm.

Unlike the claiming process, transferring does not require the current password.

Recipients must be authorized to create and manage SFTP IDs.

Note: Transferring an SFTP ID deactivates it and deletes the PGP (encryption) and SSH (connection) Public keys.

Prior to transferring ensure that there will be no disruption to current sessions and set up new authentication keys (if necessary).

  • To transfer SFTP ID Ownership to another user:
  1. From the CME Customer Center menu, select the User icon > My Profile.

  1. From the My Account menu, select SFTP Management.

  1. From the Authorized SFTP Users pane > Actions column, select Transfer ().
  2. On the screen that appears, the Account Type and Entity for the selected SFTP user is selected.

  1. Select the New Owner, then click Submit.

Available selections include individuals that have permission to create / manage SFTP IDs.

  1. Confirm the submission by completing authentication.

A confirmation banner appears, indicating successful transfer.

  1. After completing the transfer, reset the password (), then contact EASE to activate the SFTP ID.
  • Select Generate Password, then Copy () the password.

Note: Use the copy function for entity system setup or storing the system generated password in a secure location / file.

A security code is sent to the mobile phone number registered to the Profile.

  • Confirm the code then click Submit.
ClosedAccessing SFTP Data and Reports

Accessing SFTP Data and Reports

Using SFTP, you can connect to CME Group systems to send and receive files, using an application enabled for ssh encrypted login.

Public / private key authentication is allowed to secure connections, using SSH public key file format (RFC4716).

  • To establish a connection and access files:
  1. Using the password, SSH or PGP key authentication, log in to access CME Group directories (incoming / outgoing):

Futures & Options / BrokerTec / EBS: Production access via internet

  • Address: sftp.cmegroup.com
  • IP address: 205.209.196.150
  • Port: 22

Futures & Options: Production access via leased line WAN

  • Address: sftp.cmegroup.com
  • WAN CDN connection VPN IP address: 167.204.72.96
  • WAN Futures &Options: 167.204.41.34
  • Port: 22

BrokerTec: Production access via leased line WAN

  • Address: sftp.cmegroup.com
  • WAN CDN connection VPN IP address: 167.204.72.96
  • Port: 22

EBS: Production access via leased line WAN

  • Address: sftp.cmegroup.com
  • IP address: 167.204.72.206
  • Port: 22
  1. After successful login, the root directory appears with default directories to access files.

Directory paths are case sensitive and must be entered exactly as indicated.

Folders and directory path are available as described below:

  • incoming: Confidential data files submitted by firms. Firms upload files as required by CME Group.
  • outgoing: Confidential files, from CME Group, for firms to download and review or complete.
  • pub: A file folder that can be setup with subdirectories to send and receive files.
  • Sample report filenames:

BrokerTec

  • BTEC111_IDY.[Business_Date].BTEU.[GFID].[master account].csv
  • BTEC111_EOD.[Business_Date].BTEU.[GFID].[master account].csv

EBS: End of Day report format

EREP

  • CEOD200_EBS_(GFID)_yyyy-mmm-dd.csv

In this example CEOD200 is the EOD Client Order Events - EBS Market - Daily Report, which is available via EREP.

  • CEOD200_EBS_(GFID)_yyyy-mmm-dd.csv

SFTP

  • CEOD200_(yyyymmmdd).EBS.(GFID).OG_(CID).csv

In this example CEOD200 is the EOD Client Order Events - EBS Market - Regulatory - Daily Report, which is available via SFTP.

  • CEOD200_(yyyymmmdd).EBS.(GFID).OG_(CID).csv

Reports are updated at:

US

  • 9:00 AM CST
  • Intraday: every hour
  • 4:30 PM CST
ClosedInbound Public SFTP Keys

To encrypt your files before uploading to CME SFTP, use the following key.

  • Production Environment

https://www.cmegroup.com/content/dam/cmegroup/misc/sftp-key/CMEGroup_PROD_PGP_pubkey.asc

 


COMPANY
Corporate Overview
Global Contacts

RELATED MATERIALS
Help
Client Systems Wiki
Videos

FEEDBACK
Survey
Contact Us
 




CME Group is the world's leading and most diverse derivatives marketplace. The company is comprised of four Designated Contract Markets (DCMs). Further information on each exchange's rules and product listings can be found by clicking on the links to CME, CBOT, NYMEX, COMEX

© 2020 CME Group Inc. All rights reserved. About CME Disclaimer Privacy Policy