AI Runtime End-to-End Security Workflow
The AI Runtime Security instance monitors both AI and non-AI traffic
within the protected workloads of your cloud environment. Its security posture
offers a comprehensive workflow covering ingress, egress, and east-west traffic.
Deployment Profile Activation on Hub
To begin with, activate your AI Runtime licenses, and create an AI runtime
deployment profile in the Palo Alto Customer Support Portal (CSP), associate it with
a TSG, and activate the cloud tenant.
Activation and Onboarding of Cloud Account in SCM
This involves configuring the cloud account in the Strata Cloud Manager
(SCM) with the service account and deploying the generated Terraform in your cloud
environment. The Terraform script creates AI Runtime Security
resources and grants necessary permissions to enable asset discovery from SCM.
Discovery of Application Workloads
Following the successful activation of your account, the SCM
Insights → AI Runtime
Security dashboard provides a consolidated overview of the
identified cloud assets and the network traffic pathways—between applications and AI
models, user applications to the internet, and external applications to user
applications. This interactive view assists in analyzing risks associated with
unprotected applications and evaluating potential threats.
AI Runtime Security instance Deployment in the Cloud
Deploy the AI Runtime Security instance in your cloud
environment to protect vulnerable assets and monitor network traffic flow based on
the risk analysis from the SCM dashboard.
Defend with Granular Security Policies
To defend and prevent potential AI attacks create specific security
policies and push the onboarding rules and policy configuration snippets from SCM to
the AI Runtime Security instance.
Define AI security profiles for application protection, AI model
protection, and data protection with capabilities for alert actions, blocking
actions, and log forwarding.
You can define security policy rules for a zone or a
Dynamic Address Group.
As AI traffic flows from VM-based applications to models, the
deployed AI Runtime Security instance connects to the cloud service to fetch
the AI traffic and threat logs.
It monitors and applies the security
rules to identify threats. Detailed logs are available for analysis in SCM under
Incidents and Alerts →
Log Viewer →
Firewall/AI Security.