Use Case
Identify security vulnerabilities in network devices and suggest or apply corrections based on Firewall configurations.
Problem
Lack of visibility and automation to identify security risks and correct them.
Solution
MYRMEX created a complete plan that considered all steps, from visibility to recommendations and corrective actions. This was the process executed to identify vulnerabilities and apply corrections via firewall, using the Fortigate FGT-NM:
1. Information Gathering and Device Identification (Agent: Brontes)
- Action: The Brontes agent was activated to perform a network scan and identify connected devices, their operating systems, and running services.
- Details: Brontes utilized its device management capabilities to collect a detailed inventory and identify potential inadequate or outdated security configurations.
- Result Achieved: A list of network devices with their respective details and potential vulnerability points was generated.
2. Vulnerability Analysis (Agent: Brontes)
- Action: Based on the collected information, Brontes analyzed device configurations for known vulnerabilities (e.g., unnecessary open ports, outdated services, default configurations).
- Details: This step involved comparing software versions with CVE (Common Vulnerabilities and Exposures) databases and verifying compliance with internal security policies.
- Result Achieved: A preliminary report of identified vulnerabilities, classified by risk level, was produced.
3. Assessment and Correction Suggestions via Firewall (Agent: Hydra)
- Action: The Hydra agent, a specialist in integrations and network device management, was activated to interact with the Fortigate FGT-NM.
- Details: Hydra analyzed the reported vulnerabilities and, based on Fortigate capabilities (such as firewall policies, IPS, network segmentation), suggested corrective actions. This included creating new firewall rules, adjusting existing security policies, or activating IPS signatures.
- Parameters Used: Integration_id: d8d0d5dc-236a-4755-a7e6-a509b0403f89 and the “Always use SSH” rule for secure communication with Fortigate.
- Result Achieved: A set of firewall-applicable correction suggestions was generated, with details about configurations to be changed or added.
4. Application of Corrections (Agent: Hydra - Upon approval)
- Action: Upon approval, Hydra applied the suggested corrections directly to the Fortigate FGT-NM.
- Details: This step was executed with caution, ensuring that changes were made according to best practices and with minimal impact on network operation.
- Result Achieved: Firewall configurations were updated to mitigate the identified vulnerabilities.
5. Process Documentation (Agent: Scribe)
- Action: The Scribe agent was utilized to compile a detailed document of the entire process, including the vulnerabilities found, correction suggestions, and applied actions.
- Details: The document included an executive summary, methodology used, analysis results, and implemented firewall configurations.
- Result Achieved: A professional PDF report was generated, documenting the analysis and corrections performed.
Key Benefits
- Device Information: Comprehensive network and vulnerability identification
- Intelligent Orchestration: Coordinated multi-agent workflow for complete security assessment
- Firewall Integration: Direct integration with Fortigate for automated policy management
- Professional Documentation: Complete audit trail and compliance reporting
Technical Requirements
- Fortigate FGT-NM firewall with SSH access
- Integration ID: d8d0d5dc-236a-4755-a7e6-a509b0403f89
- Network Access: Brontes agent needs network scanning capabilities
- CVE Database: Access to vulnerability databases for analysis
- Documentation: Scribe agent for report generation