Network incidents don’t follow a schedule.
Ports fail. Alerts spike. Threats emerge.
And too often, the response is still manual — a script here, a ticket there, a late-night login to fix something that broke again. Troubleshooting is always ad-hoc, not structured, not standardized.
For years, automation has helped teams speed up resolution. But speeding up scripts isn’t the same as evolving operations.
Now, with the rise of AI agents and orchestration platforms, there’s a new opportunity: to move from reactive fixes to intelligent, repeatable flows that can resolve incidents — and prevent them from happening again.
AI-Driven Remediation
This is what we call AI-driven remediation, and in our latest demo, I show exactly how it works.
Step 1: Detection Triggers the Flow
In our scenario, a monitoring system detects two issues:
- A port failure on a CSR1Kv device
- A high threat alert on a Panorama firewall
These are correlated and automatically sent to Itential’s Platform for incident remediation, which kicks off a predefined orchestration flow — no human required.
But what makes this different from a basic script?
That’s where the AI agents come in
Step 2: GPT Handles Initial Troubleshooting
First up is GPT, acting as our AI Troubleshooting Agent
Its responsibilities:
- Summarize the incident
- Assess severity
- Check for historical patterns
- Recommend a remediation plan. This includes both:
- CLI config recommendations (with pre/post validation steps)
- API payloads for systems like Panorama
GPT gives us speed — it interprets the event in real time and outlines next steps. But we don’t blindly act on those suggestions. Instead, we route them through a second AI agent.
Step 3: Gemini Performs Risk Validation
Enter Gemini, our AI risk analysis and validation agent.
Its job is to:
- Evaluate ChatGPT’s recommended changes
- Assess alignment with policies, security standards, and compliance frameworks
- Flag or halt the flow if any action creates risk
Gemini gives us control — it’s the policy guardrail that ensures speed doesn’t come at the cost of safety. Only if the remediation plan is validated does the orchestration continue.
Step 4: Remediation Plan is Executed — with Checks
Once approved, Itential’s platform orchestrates the full remediation, including:
- Running pre-checks to verify current state (e.g. confirming the port is down)
- Executing the configuration change
- Running post-checks to ensure resolution (e.g. port is now up, config change succeeded)
The same process plays out for both the network device and the firewall — all orchestrated, all automated, all auditable in ServiceNow.
This is where the move from “automated scripts” to “orchestrated flows” really becomes clear. Every step is coordinated, conditional, and tied to business logic.
Step 5: Claude Closes the Loop with Root Cause Analysis
Finally, we hand things off to Claude, our AI Root Cause Analysis Agent.
Claude’s role:
- Analyze historical incident patterns
- Identify underlying systemic issues
- Recommend process improvements
- Document all findings in the incident record
Claude gives us hindsight — and the insight to prevent future issues from recurring. Instead of just closing a ticket, we’re building toward long-term resiliency.
From Scripts to Self-Healing
Let’s be honest: automation alone doesn’t get you to self-healing infrastructure.
Siloed scripts don’t scale.
AI without context doesn’t help.
And remediation without feedback doesn’t improve.
What you need is orchestration — a system that can coordinate the right agents, at the right time, in the right way.
That’s what Itential delivers.
What Makes Itential Different
- Multi-Agent Orchestration: Connect any AI tool (LLMs, risk engines, RCA models) into a single workflow.
- Policy Enforcement by Design: Every step is validated before execution.
- Full Auditability: Actions and outcomes are documented in platforms like ServiceNow.
- Built for Scale: Whether it’s one incident or a thousand, the process stays the same.
Want to See It in Action?
🎥 Watch the demo and see how ChatGPT, Gemini, and Claude work together in a live remediation flow — all orchestrated through the Itential platform.
