Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
>
Clear
Prisma AIRS AI Runtime: Network Intercept Prerequisites and Limitations
Updated on
Aug 12, 2025
Focus
Download PDF
Updated on
Aug 12, 2025
Focus
Home
Prisma AIRS
Activation & Onboarding
Prisma AIRS AI Runtime: Network Intercept Prerequisites and Limitations
Download PDF
Prisma AIRS
Prisma AIRS AI Runtime: Network Intercept Prerequisites and Limitations
Table of Contents
Filter
Expand All
|
Collapse All
Prisma AIRS
Activation & Onboarding
Administration
Release Notes
Previous
Generate a Device Certificate for Prisma AIRS AI Runtime: Network Intercept
Next
Create and Associate a Deployment Profile for Prisma AIRS AI Runtime: Network Intercept
Prisma AIRS AI Runtime: Network Intercept Prerequisites and Limitations
A list of
Prisma AIRS
AI Runtime prerequisites and limitations.
Where Can I Use This?
What Do I Need?
Prisma AIRS
AI Runtime Security
Prisma AIRS Licenses
Prerequisites
Prisma AIRS Licenses
.
Review the
AI Models on Public Clouds Support Table
.
Terraform
version > 1.3 and < 2.
Each
Prisma AIRS
AI Runtime: Network intercept requires a minimum of 4 vCPUs.
Optional
Helm
if you want to protect the Kubernetes clusters.
Enable Cloud Management for
Prisma AIRS
AI Runtime: Network intercept using
Strata Cloud Manager
.
Contact Palo Alto Networks support or your account team and provide the following information: tenant service group (TSG) ID, tenant name, and region.
Limitations
Licensing Capacity Limit: Limited to processing up to 10K AI transactions per day per vCPU of
Prisma AIRS
AI Runtime: Network intercept.
The following regions are supported:
Strata Cloud Manager
and tenant service group (TSG): US, UK, India, Canada, and Singapore regions only.
Cloud Service Providers (AWS, Azure, and GCP): Any region supported.
Log Storage and AI Traffic Processing:
All logs are stored in the above supported regions.
All AI traffic is sent to the US region for threat inspection.
Prisma AIRS
AI Runtime: Network intercept can harvest IP-tags only from public and hybrid clusters on GCP, Azure, and AWS cloud platforms.
Prisma AIRS
AI Runtime: Network intercept is supported for private clouds, for example, ESXi, KVM, Rancher, and Rosa OpenShift.
Previous
Generate a Device Certificate for Prisma AIRS AI Runtime: Network Intercept
Next
Create and Associate a Deployment Profile for Prisma AIRS AI Runtime: Network Intercept