HSViz: Hierarchy Simplified Visualizations for Firewall Policy Analysis

Most of the companies have firewalls in order to protect their internal networks and assets from the attacker of the cyber space. Firewall policies should be maintained and organized with high importance. However, considering the length of time needed in analyzing the highly complex policies and the...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access 2021, Vol.9, p.71737-71753
Main Authors: Lee, Hyunjung, Lee, Suryeon, Kim, Kyounggon, Kim, Huy Kang
Format: Article
Language:English
Subjects:
Complexity theory
Data visualization
Firewall policy visualization
Firewalls
Firewalls (computing)
Internet
IP networks
Policies
Policy analysis
rule anomaly detection
Visibility
Visualization
Websites
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Most of the companies have firewalls in order to protect their internal networks and assets from the attacker of the cyber space. Firewall policies should be maintained and organized with high importance. However, considering the length of time needed in analyzing the highly complex policies and the risks of disabling firewall that may arise in case of a false policy setting. It is extremely hard to securely optimize the performance of firewalls. This paper is to suggest a visualization tool that shows the status and the types of policies applied throughout the firewalls so that such difficulties related to the maintenance of firewall policies can be resolved. The proposed tool is designed in six different angles; (1) Hierarchy-view, (2) Anomaly-view, (3) Distributed-view, (4) ANYPolicy-view, (5) SearchResult-view, and (6) Top and Bottom Used-view. The core of the overall function is to facilitate the easy identification of the policy interrelationships. The visualization tool has been tested by being applied across approximately 24 different firewall policies. The processing speed of each function and abuse detection rate were all reviewed positively. By the help of the tool, identifying the services, performance improvement, and visibility of the policy relations, which thereby will lead to better safety in preserving the assets intact. A video of the proposed visualization tool can be found on the web site: https://youtu.be/43OfHN8dteU
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2021.3077146