The presentation by Forward Networks demonstrated how their Forward AI platform addresses the critical security challenge of mitigating risks posed by vulnerable hosts, specifically a host named `batch 01` with unpatchable critical vulnerabilities. Traditionally, blocking internet access for such a host involves a laborious, hop-by-hop network analysis to identify firewalls and their configurations, a process that is time-consuming, prone to errors, and difficult to scale across multiple vulnerable devices. Failure to implement these blocks correctly could leave the network exposed, underscoring the need for an automated, reliable solution.
Forward AI streamlines this process significantly. Upon receiving a natural-language query such as “What firewalls do I have to block in order to remove access to the internet for host batch 01?”, the system first gathers context about the host’s vulnerabilities. It then performs a comprehensive path trace from the vulnerable host’s IP address to the entire internet (`0.0.0.0/0`), identifying all egress paths. The AI pinpoints the specific firewall (e.g., `SJC building one FW01`) and the exact access control rule currently permitting the traffic. It then provides verifiable evidence of these findings, such as showing multiple potential paths and the specific rule, and subsequently suggests precise CLI commands to implement a block, typically by modifying or adding a rule to deny traffic from the vulnerable host, thus offering a critical head start in rapid risk mitigation.
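As an added illustration of the workflow described above (not Forward Networks code or its algorithm), the sketch below enumerates every egress path from the host in a small constructed topology, finds the firewall common to all of them, and reports the first-match rule that currently permits the traffic. The device names, links, IP addresses and rule names are all assumptions made up for the example.

```python
import ipaddress

# Constructed topology (assumption): which device forwards to which.
LINKS = {
    "batch01": ["access-sw"],
    "access-sw": ["sjc-b1-fw01", "core-rtr"],
    "core-rtr": ["sjc-b1-fw01"],
    "sjc-b1-fw01": ["edge-rtr"],
    "edge-rtr": ["internet"],
}
# Constructed first-match rule list: (name, source, destination, action).
ACLS = {
    "sjc-b1-fw01": [
        ("deny-guest", "10.9.0.0/16", "0.0.0.0/0", "deny"),
        ("permit-batch", "10.20.0.0/24", "0.0.0.0/0", "permit"),
        ("default-deny", "0.0.0.0/0", "0.0.0.0/0", "deny"),
    ],
}

def egress_paths(src, dst="internet", path=None):
    """Enumerate every loop-free path from src to dst (depth-first)."""
    path = (path or []) + [src]
    if src == dst:
        return [path]
    found = []
    for nxt in LINKS.get(src, []):
        if nxt not in path:  # skip devices already visited to avoid loops
            found += egress_paths(nxt, dst, path)
    return found

def matching_rule(fw, src_ip, dst_net="0.0.0.0/0"):
    """First rule on fw whose source covers src_ip and whose destination
    covers all of dst_net (simplification: narrower destinations ignored)."""
    ip, dst = ipaddress.ip_address(src_ip), ipaddress.ip_network(dst_net)
    for name, rsrc, rdst, action in ACLS[fw]:
        if ip in ipaddress.ip_network(rsrc) and dst.subnet_of(ipaddress.ip_network(rdst)):
            return name, action
    return None, "deny"  # implicit deny when nothing matches

def block_points(host, src_ip):
    """Firewalls present on every egress path, mapped to the rule that
    currently permits the host's traffic to the internet."""
    paths = egress_paths(host)
    common = set(ACLS).intersection(*map(set, paths)) if paths else set()
    permits = {}
    for fw in sorted(common):
        name, action = matching_rule(fw, src_ip)
        if action == "permit":
            permits[fw] = name
    return paths, permits
```

An empty result with non-empty `paths` means either the traffic is already denied or no modeled firewall sits on every path, so each path needs to be inspected individually.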
The underlying AI architecture uses state-of-the-art, off-the-shelf Large Language Models (LLMs) from providers such as Anthropic (Sonnet and Haiku models via AWS Bedrock) for natural language understanding and task planning. Crucially, these LLMs are not custom-trained or fine-tuned with proprietary networking data. Instead, deep network analysis, the network’s digital twin, and the “guardrails” that ensure the AI’s suggestions are relevant, accurate, and actionable within the network context reside within the Forward Networks platform’s agent. This modular design allows customers to plug in their own hosted LLMs while relying on Forward Networks for authoritative network intelligence and protective logic.
Personnel: Nikhil Handigol