The client sought to improve operational efficiency across complex, multi-tenant firewall environments. Manual workflows and API-driven tasks required deep expertise and significant time investment, limiting agility and scalability.
- Reduce operational overhead associated with manual firewall configuration, diagnostics, and troubleshooting
- Enable natural language interaction for routine administrative tasks across distributed firewall environments
- Securely integrate with protected firewall APIs while maintaining enterprise-grade security and data isolation
- Improve time-to-resolution for operators managing multi-tenant deployments
- Support thousands of users and high volumes of LLM requests with predictable cost and performance
- Align the solution with an AWS-first architecture strategy and cloud-native scalability requirements
- Enable unified access to operational data (logs, configurations, and system metadata) across distributed environments
- Improve visibility into system behavior, usage trends, and incident patterns
- Reduce data silos to support faster, insight-driven troubleshooting and decision-making
We designed and implemented a cloud-native, agentic AI architecture on AWS to enable natural language–driven firewall management. The solution combines foundation models, managed Retrieval-Augmented Generation (RAG), and secure API orchestration to streamline operational workflows.
- Deployed a cloud-native, agentic AI architecture on Amazon EKS to orchestrate intent interpretation and task execution
- Used Amazon Bedrock foundation models with tool-use (function calling) to translate natural language prompts into secure firewall API actions
- Implemented managed Retrieval-Augmented Generation (RAG) using Amazon Bedrock Knowledge Base and Titan Text Embeddings V2
- Leveraged AWS OpenSearch Serverless for scalable vector-based semantic retrieval
- Built event-driven knowledge ingestion pipelines using Amazon S3 and AWS Lambda
- Secured all Bedrock integration using AWS PrivateLink and VPC Endpoints to maintain private, internet-isolated access
- Optimized performance and cost using Amazon ElastiCache (Redis, Multi-AZ) and Amazon RDS for PostgreSQL
- Selected AWS-managed services over self-hosted alternatives to reduce operational complexity and improve reliability
- Built event-driven data pipelines using Amazon S3 and AWS Lambda to ingest logs, configurations, and operational data, and process them using Bedrock Knowledge Base and Titan Embeddings for semantic understanding
- Centralized and indexed data across Amazon S3, OpenSearch Serverless, and Amazon RDS for scalable, unified access
- Enabled query insights, usage trends, and visibility into LLM request patterns and orchestration flows using Langfuse and CloudWatch
- Identified recurring incident patterns and operational bottlenecks to improve system observability
- Enabled faster troubleshooting and reduced MTTR through context-aware actions and quicker access to relevant operational data
- Ensured secure, governed data access using PrivateLink, VPC Endpoints, Secrets Manager, and Parameter Store
By deploying an agentic AI architecture on AWS, the client transitioned from manual firewall workflows to natural language–driven task execution.
- Reduced time-to-task completion for supported diagnostics and administrative workflows
- Increased operator productivity by minimizing dependency on deep product expertise
- Streamlined multi-tenant firewall management through automated API orchestration
- Improved responsiveness and workflow consistency across distributed environments
- Established a scalable, AWS-native architecture capable of supporting thousands of users
- Reduced operational complexity by leveraging managed AWS services instead of self-hosted AI infrastructure
- Improved access to operational insights and faster identification of issues through centralized data pipelines
- Enhanced visibility into system usage, query behavior, and incident trends
- Minimized data silos by unifying logs, configurations, and system metadata across environments
While financial ROI was not directly measured, operational efficiency improvements are expected to contribute to lower support overhead, improved resource utilization, and long-term cost optimization.
