Financial institutions use automation tools to assess electronic financial infrastructure, but existing solutions focus on general-purpose systems and provide limited support for key security appliances such as FW, VPN, IPS, DDoS, and WAF. As a result, vulnerability checks rely heavily on manual consultant reviews, causing high resource consumption and inconsistent outcomes. This study analyzes vendor-specific configuration formats and proposes a multi-source collection method using backup files and management interfaces (CLI, WebUI). Collected configurations are standardized and automatically evaluated through a rule engine aligned with electronic financial infrastructure assessment criteria. Testing on production devices showed an average automation rate of 74.2%. IPS and DDoS systems achieved higher rates due to simpler policy structures, whereas FW and VPN demonstrated lower rates. The findings show that the proposed approach improves the efficiency and consistency of security appliance assessments in real operational environments.
Yoo et al. (Sat,) studied this question.