New Features - Prisma AIRS - August 2025
Centralized Firewall Management
You can now deploy and manage VM-Series firewalls directly from Strata Cloud Manager, which streamlines the deployment and monitoring of your entire security infrastructure from a single, unified interface. This centralized dashboard within Strata Cloud Manager consolidates threats detected by both VM-Series firewalls and Prisma AIRS AI Runtime: Network Intercept, giving you a unified view of your security operations.
You can also use the same streamlined workflow to deploy a VM-Series firewall as you would for other cloud assets. This capability helps you accelerate your deployment processes and ensures consistent protection. Enhanced application details provide clear insights into network traffic flow paths, showing which firewall platform protects each application and displaying the firewall serial number and type (VM-Series or Prisma AIRS AI Runtime: Network Intercept).
Granular Kubernetes Traffic Inspection at the Namespace Level
You can apply granular security controls to containerized applications by managing traffic inspection at the individual Kubernetes namespace level, moving beyond an all-or-nothing approach. You can selectively inspect or bypass traffic flows based on CIDR ranges within specific namespaces. This provides an optimized security posture where critical traffic is thoroughly examined, while known benign traffic can bypass inspection. This selective approach helps improve performance and resource utilization without compromising security for your Kubernetes workloads. This enhancement strengthens security for your containerized applications, enabling more efficient and effective management of your security posture across diverse Kubernetes workloads.
Hyperscale Security Fabric
Organizations increasingly require scalable, elastic, and resilient firewalls delivered in a virtual form factor. Extensive public and private cloud infrastructures necessitate dynamic scaling, high-throughput protection, and session resiliency to guarantee business continuity and adapt to the organization's operational pace.
The Hyperscale Security Fabric (HSF) is an innovative solution designed to address the scalability and performance needs of organizations through its Gateway nodes and auto-scaling DP nodes. HSF eliminates the need for third-party external load balancing by deploying AI-Gateways as fixed-capacity NGFWs that both inspect traffic and load balance it to the dynamically scaling DP nodes behind them. You can efficiently manage your network security as your data center grows, achieving throughput of around 100 Gbps using 4 AI-Gateways and scaling to over 200 Gbps with additional AI-DP instances (up to a maximum of 6).
HSF supports the following:
- Session resiliency with session failover to healthy firewall instances.
- Auto-scaling based on session utilization. You can configure auto-scale parameters to dynamically adjust the number of AI-DP instances based on traffic demands.
- Simplified and automated deployment through the Software Orchestration Panorama plugin.
- Rolling upgrades with rollback support, ensuring minimal disruption during maintenance.
- Monitoring and visibility to view the firewall cluster as a single entity within Panorama.
- Customer-facing APIs and CLIs for querying individual firewall member status and performance metrics.
Optimize Egress Traffic for EKS Containerized Workloads
The overlay routing feature for EKS traffic allows Prisma® AIRS™ AI Runtime: Network Intercept to eliminate traffic hairpinning. This is achieved by enabling direct egress from the intercept to next-hop destinations like Internet Gateways (IGWs) and NAT Gateways. This new capability prevents traffic from being double-inspected, which reduces latency, bandwidth usage, and resource consumption.
With overlay routing, Prisma AIRS can now function as a single component for both security inspection and network address translation, simplifying the network architecture. It consolidates these functions into a single step, ensuring comprehensive security for containerized workloads while maintaining an efficient and direct traffic flow.
Secure Custom AI Models on Private Endpoints
You can extend AI security inspection to LLMs hosted on privately managed endpoints or using input/output schemas that are not publicly known. By enabling this support within your AI security profile, all traffic that matches a security policy rule is forwarded to the AI cloud service for threat inspection, regardless of whether the model is a well-known public service or a custom-built private one. This ensures comprehensive security for your entire AI ecosystem.
The new AI security profile inspects and secures the AI traffic between AI applications and LLM models that passes through Prisma AIRS: Network intercept instances managed by Strata Cloud Manager or Panorama. This profile protects against threats such as prompt injections and sensitive data leakage.
Secure Serverless Workloads in Cloud Environments
Protect your serverless resources in Azure or AWS environments by defining security boundaries for them during cloud account onboarding. Once defined, these newly discovered serverless functions become visible on your application dashboard, integrating with your existing virtual machine and container workloads for a unified view of your entire cloud environment. This consolidation of visibility allows you to monitor and manage security for all your compute types from a single location.
The platform uses the same streamlined workflow you already use for other cloud assets. By extending this workflow to serverless functions, you can consistently deploy firewall protection, ensuring comprehensive security coverage as your cloud-native architectures evolve. This approach provides a repeatable, automated way to secure your dynamic cloud applications, helping to maintain a strong security posture without the need for manual, per-resource configurations. The integration of serverless resources into the centralized dashboard simplifies management and helps you quickly identify and protect newly deployed functions.
Unified AI Security Logging
API scan events, including blocked threats, now integrate with the logging service, providing a unified log viewer interface for both API-based and network-based AI security events. The Log Viewer now includes a new log type, Prisma AIRS AI Runtime Security API, which displays the scan API logs. This integration allows Security Operations Center (SOC) teams to be alerted to critical threats. The integration also enables a powerful query builder to search and analyze scan data and supports out-of-the-box queries for analyzing threats. Log forwarding is now supported for Prisma AIRS AI Runtime: API intercept. This ensures comprehensive visibility and streamlines security operations across multiple supported regions.