Merideon is a two-appliance AI agent security platform. The Security Office governs. The Edge Router enforces. Together they form a closed loop that no agent, compromised or otherwise, can circumvent. Multiple Edge Routers can connect to a single Security Office, spanning subnets, sites, and environments.
Each appliance owns a distinct layer of your security infrastructure. Together they form a closed loop: govern, enforce, detect, respond.
The Edge Router sits between your agents and the network. It enforces DNS policies at the kernel level, inspects the TLS ClientHello for SNI-based blocking, manages DHCP and native IPAM, and runs Andrew AI for natural language network operations. Fail-closed: if enforcement crashes, new agent connections are blocked by the kernel.
The Security Office is the authoritative registry for every AI agent. It manages the full agent lifecycle: registration, approval, credentialing, behavioral interviews, policy authoring, and automated deployment. Policies authored here are pushed live to connected Edge Routers in seconds.
Each appliance is powerful standalone. Together they form a closed security loop, from governance decision to kernel-level enforcement in seconds.
When an admin authors or updates a policy in the Security Office and pushes it, the policy travels directly to the Edge Router. BIND9 RPZ rules and nftables sets update in under 2 seconds. Badge revocations propagate immediately: a revoked agent's network access is cut off at the kernel level within seconds.
Every DNS policy violation, traffic block, new host detection, and DHCP event is surfaced in the Security Office in real time. The SO sees everything the edge sees, across all connected Edge Routers. One governance view, multiple enforcement points.
Multiple Edge Routers can connect to a single Security Office. Enforce the same agent policies across subnets, network segments, or geographically distributed sites, governed from one place. Each Edge Router enforces independently, so an outage at one site doesn't affect enforcement at others.
If the Edge Router's enforcement engine crashes or is restarted, the kernel continues to block new agent connections until enforcement is fully restored. No gap. No window. Established connections continue; new unauthorized connections cannot be established.
Both appliances maintain immutable audit logs: every action, attributed to an actor, with timestamp and outcome. Security reviews can trace a complete chain of events, from agent registration and badge issuance through policy push to network enforcement event.
Andrew lives in the Edge Router. He monitors the network, responds to natural language commands, enforces policies from the Security Office, and takes autonomous action, always with your explicit approval before changing anything.
Merideon runs entirely on your hardware. No cloud dependency, no data leaving your network.
Both appliances ship as OVF/OVA packages for VMware, or APT packages for bare-metal Ubuntu 24.04. Deploy on any Linux host with Docker installed.
Both appliances serve exclusively over HTTPS. Self-signed certs are provided out of the box. Replace them with your CA certs for production; paths are fully configurable.
All data persists on Docker named volumes. Survives container restarts, rebuilds, and updates. PostgreSQL for the Security Office, SQLite for the Edge Router.