Large Graph Visualization of Millions of Connections in the CERN Control System Network Traffic: Analysis and Design of Routing and Firewall Rules with a New Approach

Gallerani, Luigi

doi:10.18429/JACoW-ICALEPCS2015-WEPGF045

Joint Accelerator Conferences Website

The Joint Accelerator Conferences Website (JACoW) is an international collaboration that publishes the proceedings of accelerator conferences held around the world.

RIS citation export for WEPGF045: Large Graph Visualization of Millions of Connections in the CERN Control System Network Traffic: Analysis and Design of Routing and Firewall Rules with a New Approach

TY - CONF
AU - Gallerani, L.
ED - Corvetti, Lou
ED - Riches, Kathleen
ED - Schaa, Volker RW
TI - Large Graph Visualization of Millions of Connections in the CERN Control System Network Traffic: Analysis and Design of Routing and Firewall Rules with a New Approach
J2 - Proc. of ICALEPCS2015, Melbourne, Australia, 17-23 October 2015
C1 - Melbourne, Australia
T2 - International Conference on Accelerator and Large Experimental Physics Control Systems
T3 - 15
LA - english
AB - The CERN Technical Network (TN) TN was intended to be a network for accelerator and infrastructure operations. However, today, more than 60 Million IP packets are routed every hour between the General Purpose Network (GPN) and the TN involving more than 6000 different hosts. In order to improve the security of the accelerator control system, it is fundamental to understand the network traffic between the two networks in order to define appropriate routing and firewall rules without impacting Operations. The complexity and huge size of the infrastructure and the number of protocols and services involved have discouraged for years any attempt to understand and control the network traffic between the GPN and the TN. In this talk, we will show a new way to solve the problem graphically. Combining the network traffic analysis with the use of large graph visualization algorithms we produce comprehensible and usable 2D large colour topology graphs mapping the complex network relations of the control system machines and services in a detail and clarity never seen before. The talk integrates very interesting pictures and video of the graphical analysis attempt.
PB - JACoW
CP - Geneva, Switzerland
SP - 799
EP - 801
KW - network
KW - controls
KW - operation
KW - Windows
KW - database
DA - 2015/12
PY - 2015
SN - 978-3-95450-148-9
DO - 10.18429/JACoW-ICALEPCS2015-WEPGF045
UR - http://jacow.org/icalepcs2015/papers/wepgf045.pdf
ER -