Forward AI Demo – Risk Mitigation and Security with Forward Networks

The presentation by Forward Networks demonstrated how their Forward AI platform addresses the critical security challenge of mitigating risks posed by vulnerable hosts, specifically a host named `batch 01` with unpatchable critical vulnerabilities. Traditionally, blocking internet access for such a host involves a laborious, hop-by-hop network analysis to identify firewalls and their configurations, a process that is time-consuming, prone to errors, and difficult to scale across multiple vulnerable devices. Failure to implement these blocks correctly could leave the network exposed, underscoring the need for an automated, reliable solution.

Forward AI streamlines this process significantly. Upon receiving a natural-language query such as “What firewalls do I have to block in order to remove access to the internet for host batch 01?”, the system first gathers context about the host’s vulnerabilities. It then performs a comprehensive path trace from the vulnerable host’s IP address to the entire internet (`0.0.0.0/0`), identifying all egress paths. The AI pinpoints the specific firewall (e.g., `SJC building one FW01`) and the exact access control rule currently permitting the traffic. It then provides verifiable evidence of these findings, such as showing multiple potential paths and the specific rule, and subsequently suggests precise CLI commands to implement a block, typically by modifying or adding a rule to deny traffic from the vulnerable host, thus offering a critical head start in rapid risk mitigation.

The underlying AI architecture uses state-of-the-art, off-the-shelf Large Language Models (LLMs) from providers such as Anthropic (Sonnet and Haiku models via AWS Bedrock) for natural language understanding and task planning. Crucially, these LLMs are not custom-trained or fine-tuned with proprietary networking data. Instead, deep network analysis, the network’s digital twin, and the “guardrails” that ensure the AI’s suggestions are relevant, accurate, and actionable within the network context reside within the Forward Networks platform’s agent. This modular design allows customers to plug in their own hosted LLMs while relying on Forward Networks for authoritative network intelligence and protective logic.