Cargando…
Large graph visualization of millions of connections in the CERN control system network traffic: analysis and design of routing and firewall rules with a new approach
Abstract The CERN Technical Network (TN) TN was intended to be a network for accelerator and infrastructure operations. However, today, more than 60 million IP packets are routed every hour between the General Purpose Network (GPN) and the TN, involving more than 6000 different hosts. In order to im...
| Autor principal: | |
|---|---|
| Lenguaje: | eng |
| Publicado: |
2015
|
| Materias: | |
| Acceso en línea: | https://dx.doi.org/10.18429/JACoW-ICALEPCS2015-WEPGF045 http://cds.cern.ch/record/2151806 |
| _version_ | 1780950506270621696 |
|---|---|
| author | Gallerani, Luigi |
| author_facet | Gallerani, Luigi |
| author_sort | Gallerani, Luigi |
| collection | CERN |
| description | Abstract The CERN Technical Network (TN) TN was intended to be a network for accelerator and infrastructure operations. However, today, more than 60 million IP packets are routed every hour between the General Purpose Network (GPN) and the TN, involving more than 6000 different hosts. In order to improve the security of the accelerator control system, it is fundamental to understand the network traffic between the two networks and to define new appropriate routing and firewall rules without impacting operations. The complexity and huge size of the infrastructure and the number of protocols and services involved, have discouraged for years any attempt to understand and control the network traffic between the GPN and the TN. In this paper, we show a new way to solve the problem graphically. Combining the network traffic analysis with the use of large graph visualization algorithms we produced usable 2D large color topology maps of the network identifying the inter-relations of the control system machines and services, in a detail and clarity, not seen before. |
| id | cern-2151806 |
| institution | Organización Europea para la Investigación Nuclear |
| language | eng |
| publishDate | 2015 |
| record_format | invenio |
| spelling | cern-21518062022-08-17T13:31:25Zdoi:10.18429/JACoW-ICALEPCS2015-WEPGF045http://cds.cern.ch/record/2151806engGallerani, LuigiLarge graph visualization of millions of connections in the CERN control system network traffic: analysis and design of routing and firewall rules with a new approachComputing and ComputersAbstract The CERN Technical Network (TN) TN was intended to be a network for accelerator and infrastructure operations. However, today, more than 60 million IP packets are routed every hour between the General Purpose Network (GPN) and the TN, involving more than 6000 different hosts. In order to improve the security of the accelerator control system, it is fundamental to understand the network traffic between the two networks and to define new appropriate routing and firewall rules without impacting operations. The complexity and huge size of the infrastructure and the number of protocols and services involved, have discouraged for years any attempt to understand and control the network traffic between the GPN and the TN. In this paper, we show a new way to solve the problem graphically. Combining the network traffic analysis with the use of large graph visualization algorithms we produced usable 2D large color topology maps of the network identifying the inter-relations of the control system machines and services, in a detail and clarity, not seen before.CERN-OPEN-2016-004oai:cds.cern.ch:21518062015-10-01 |
| spellingShingle | Computing and Computers Gallerani, Luigi Large graph visualization of millions of connections in the CERN control system network traffic: analysis and design of routing and firewall rules with a new approach |
| title | Large graph visualization of millions of connections in the CERN control system network traffic: analysis and design of routing and firewall rules with a new approach |
| title_full | Large graph visualization of millions of connections in the CERN control system network traffic: analysis and design of routing and firewall rules with a new approach |
| title_fullStr | Large graph visualization of millions of connections in the CERN control system network traffic: analysis and design of routing and firewall rules with a new approach |
| title_full_unstemmed | Large graph visualization of millions of connections in the CERN control system network traffic: analysis and design of routing and firewall rules with a new approach |
| title_short | Large graph visualization of millions of connections in the CERN control system network traffic: analysis and design of routing and firewall rules with a new approach |
| title_sort | large graph visualization of millions of connections in the cern control system network traffic: analysis and design of routing and firewall rules with a new approach |
| topic | Computing and Computers |
| url | https://dx.doi.org/10.18429/JACoW-ICALEPCS2015-WEPGF045 http://cds.cern.ch/record/2151806 |
| work_keys_str_mv | AT galleraniluigi largegraphvisualizationofmillionsofconnectionsinthecerncontrolsystemnetworktrafficanalysisanddesignofroutingandfirewallruleswithanewapproach |