Depending on the exact meaning of "graph" in the original post, it may not be a visualization. I've been using graph theoretical methods to analyze my firewall rules for overlap and proximity for a while.
I ingest all the rules in an access layer via the API, then convert them into a set of directed edges with one source, one destination, and one service per edge. I then build a graph from all the edges, and extract subgraphs for analysis or plotting.
It's great for finding certain classes of error in the policy. For example, I extracted all the rules referencing a three-member web server farm and found a few load balancers were only allowed to talk to two of them. They had been added by different people over the span of a year, so things were built inconsistently and nobody realized.
I started with PowerShell and GraphViz via PSGraph. I have since moved to some tools I've built myself.