Watch on YouTube
Watch on Vimeo
Elyor Khakimov details how the combination of a definitive network digital twin and advanced AI logic shifts network engineering from manual risk mitigation to fully autonomous execution. Traditionally, complex migrations require weeks of coordination, leaving engineers with immense anxiety right up to deployment. By utilizing an AI networking agent powered by a large language model for reasoning, Forward bridges this operational gap. The agent operates as an intelligent coworker with programmatic access to a point-in-time snapshot of the network harvested by a centralized collector. Empowered with specialized tools for path mapping, configuration ingestion, and routing analysis, the agent leverages deterministic data to safely research, design, and validate network changes entirely within a virtual sandbox.
The presentation demonstrates this capability by replaying a 240-step fully autonomous migration of an internal web service from San Jose to Atlanta. Given only a high-level user intent prompt, the agent independently identifies endpoints, reviews topology context, and builds destination NAT and BGP configurations at machine speed. Crucially, the system defines intent-based validation tests before drafting commands so it knows exactly what success looks like. When its initial configuration proposal fails in Forward Predict because a BGP route advertisement fails to reach the core, the agent enters an autonomous feedback loop, diagnoses the routing issue, and corrects its own commands. It then runs a regression analysis that catches an unintended security risk where internal servers are exposed to the internet. Recognizing this vulnerability, the agent seamlessly switches to an exposure review skill, traces the end-to-end path, writes a deny rule for a Palo Alto edge firewall, and resolves the issue before code ever touches production.
While the demo showcases the agent’s ability to automatically commit multi-vendor code and push changes directly to live Cisco and Palo Alto devices, production environments are designed to integrate this pipeline with external orchestration platforms like Ansible or ServiceNow. Once changes are executed on the wire, the digital twin automatically takes a new live network snapshot, verifying post-execution reachability against the predicted state to guarantee a zero-regression outcome. Addressing panel questions regarding capacity and out-of-band updates, the speakers emphasize that Forward Predict serves as an isolated validation gate separate from the agent’s proposal engine, ensuring the AI cannot bypass security guardrails or execute dangerous changes. Ultimately, this integration establishes the foundational blueprint for autonomous network operations, introducing a powerful loop of programmatic feedback and design-time testing that delivers total operational confidence.
Personnel: Elyor Khakimov
Thank you for being part of the Tech Field Day community! Our mailing list is a great way to stay up to date on our events and technical content, and we appreciate your signup.
We promise that we’ll never spam you, send ads, or sell your information. This list will only be used to communicate with our community about our events and content. And we’ll limit it to no more than one message per week.
Although we only need your email address, it would be nice if you provided a little more information to help us get to know you better!
