Use Application Filters for GenAI Apps on Panorama

Log in to the
Panorama™ management server
web interface.
Select
Objects
Application Filters
and
Add
a new application filter.
Enter a descriptive
Name
.
For the
Tag
select
Generative AI
.
All GenAI apps inspected by
NGFW
or
Prisma Access
are tagged with
genai
when inspected. When creating a custom application filter for GenAI apps,
Palo Alto Networks
recommends selecting the
Generative AI
tag to ensure the Security policy rule the application filter is added to applies to GenAI app traffic.
Configure additional
Category Filters
to narrow down the scope of impacted GenAI apps. Consider the following tags when creating your GenAI application filter.
Risk
—Specify the
Risk
score so the Security policy rule action only applies to GenAI apps with the selected risk score.
For example, you want to write a Security policy rule to block access to all risky GenAI apps regardless of its use. In this case, you can create an application filter for GenAI apps
4
and
5
so the Security policy rule only applies to GenAI apps with these risk scores.
Review the list of matching applications.
Click
OK
.
Select
Commit
and
Commit and Push
your configuration changes.
Create Custom Security Policy Rules to Control GenAI Access.