查看文章

As a company grows, so does its infrastructure—especially its information technology (IT) infrastructure. Maintaining a transparent and manageable firewall policy during this period of rapid upscaling is nigh impossible. The situation is further complicated when multiple people—or even multiple teams—deploy and maintain these firewall policies. Different people often tackle a problem differently, developing different solutions, which, in turn, lead to different firewall policies. Inconsistencies in firewall policies are particularly problematic when it comes to updating, patching, and testing firewalls. Motivated by these issues, in this work, we collaborate with a telecommunications company and construct a web application that leverages machine learning to detect anomalies in firewall policies. The machine learning models can use firewall logs from internal firewalls, and, therefore, can learn the intricacies of traffic on a …