Configure AI Gateway
Focus
Focus
Prisma AIRS

Configure AI Gateway

Table of Contents

Configure AI Gateway

Learn about Prisma AIRS AI Gateway.
Where Can I Use This?What Do I Need?
  • Prisma AIRS
AI Gateway provides a centralized security and observability layer for all AI traffic in your organization — including LLM prompts, Model Context Protocol (MCP) interactions, and agent-to-agent (A2A) communication. It is managed through Strata Cloud Manager (SCM) and is available in two deployment models:
  • SaaS — Enabled by default. No additional infrastructure setup required. Scales automatically with built-in high availability.
  • Hybrid — Host the Data Plane in your own environment using a containerized deployment with Helm charts, while managing everything centrally via SCM. Supports multi-zone Kubernetes deployments for maximum resiliency.
Key capabilities in this release:
  • Unified AI traffic visibility — Monitor and audit all AI interactions across prompts, MCP, and A2A traffic from a single dashboard.
  • Flexible logging — Event logs stream to SIEM/SOAR tools via OpenTelemetry-compatible endpoints; prompt logs are stored natively with 1-year retention and can be exported to a customer-owned S3 bucket (Hybrid deployments).
  • Guardrails — Basic and third-party guardrails are supported out of the box; "Check Language" and "Detect Gibberish" are available under the Basic tier.
  • Flex credit licensing — Metered by token consumption (1 token = 4 characters), with identical pricing across both deployment models.
  • SCM-managed — Full lifecycle management through Strata Cloud Manager with role-based access control via SBAC.
A single default workspace is provided per tenant. Multiple workspace support and SLS integration for Threat Logs is supported.
AI Gateway is a security and observability layer for AI traffic — including LLM prompts, MCP interactions, and agent-to-agent (A2A) communication. It is managed centrally through Strata Cloud Manager (SCM) and is available in both SaaS and Hybrid deployment models.

Region Availability

AI Gateway is initially available in the Americas region for both SaaS and Hybrid deployments.

Deployment Options

SaaS and Hybrid deployments are supported.
Both deployment models are priced identically — there is no cost penalty for choosing one over the other, and no additional cost for using multiple gateways or distributing the data plane.
SaaS (Default) Deployment
Enabled by default. No additional setup is required to begin using AI Gateway.
AttributeDetails
Setup requiredNone
ScaleUnlimited — cloud-hosted
High AvailabilityBuilt-in
ManagementStrata Cloud Manager (SCM)
Hybrid Deployment
Host the data plane in your own environment (any public cloud, private cloud, or on-premises Kubernetes cluster) while managing it centrally via SCM. The Data Plane ships as a container image with Helm charts.
AttributeDetails
Setup requiredDeploy container using Helm charts
ScaleDependent on CPU and memory allocated to the Data Plane
High AvailabilityMulti-zone Kubernetes — pods auto-distributed across Availability Zones
ManagementStrata Cloud Manager (SCM)

Licensing and Activation

AI Gateway is licensed using flex credits. All metering is based on token consumption.
Token calculation: 1 token = 4 characters of text (industry standard). All AI transactions — prompts, MCP interactions, and A2A traffic — are metered by token usage. License your instance based on maximum expected monthly token consumption.
Activation Steps
  1. Create a Deployment Profile (DP) in SCM and allocate flex credits to AI Gateway
  2. Indicate preferred deployment mode (SaaS or Hybrid) — tracking only, not enforced.
  3. Map the Deployment Profile to a Tenant Service Group (TSG) to link SCM and SLS to AI Gateway.
  4. Launch SCM to complete setup and configuration.

Onboarding

SaaS Onboarding
The SaaS Gateway is enabled by default. After licensing activation, you can start routing AI traffic through the gateway immediately — no infrastructure work required.The SaaS Gateway is enabled by default. After licensing activation, you can start routing AI traffic through the gateway immediately — no infrastructure work required.
Hybrid Onboarding
Obtain the Data Plane container image and Helm charts from Palo Alto Networks
  1. Obtain the Data Plane container image and Helm charts from Palo Alto Networks.
  2. Deploy the container into your Kubernetes cluster.
  3. Configure multi-zone deployment across Availability Zones.
  4. Register and manage the Data Plane through SCM.

Logging

AI Gateway separates logs into two categories with different storage and routing strategies: event logs and prompt logs.
Event Logs
Small, structured logs for real-time SIEM/SOAR ingestion. Includes audit events, authentication events, traffic logs, and metrics/analytics. The following logs are supported:
  • Storage. AI Gateway Native; SLS (Threat Logs).
  • Retention. 1 year.
  • Dashboards. AI Gateway dashboard; Strata Logging Service (SLS) dashboard (Threat Logs).
  • Export. OpenTelemetry-compatible endpoints; Export from SLS (Hybrid + SaaS)
Prompt Logs
Large, text-heavy logs capturing full LLM context windows. Routed to observability tools for performance analysis, cost tracking, and compliance storage.
The following logs are supported:
  • Storage. AI Gateway Native.
  • Retention. 1 year.
  • Dashboards. AI Gateway dashboard.
  • Export. Local export to customer-owned S3 bucket (Hybrid only)

Workspaces and Tenants

AI Gateway ConceptStrata Cloud Manager (SCM) Equivalent
OrganizationTSG (Tenant Service Group)
WorkspaceSCM Workspace (role-based access via SBAC)

Guardrails

GuardrailStatusNotes
Basic guardrailsSupportedFully available
Third-party guardrailsSupportedFully available
"Check Language" (formerly Pro)Reclassified to Basic Available under Basic tier
"Detect Gibberish" (formerly Pro)Reclassified to Basic Available under Basic tier
PII detectionNot includedHandled by AI Runtime (advanced DLP)
ModerationNot includedHandled by AI Runtime (advanced threat detection)
PII and Moderation are intentionally handled by AI Runtime, which provides more comprehensive threat detection and DLP capabilities beyond what guardrails cover.

Configure LLM Integration Using AI Gateway

You access the Prisma AIRS AI Gateway from the AI Security section in Strata Cloud Manager.
  1. Navigate to AI Security; select the AI Gateway tile; you’ll use this for your centralized plane for AI agents.
    This launches a number of steps you’ll follow to add an LLM:
    • Select a provider.
    • Set integration details.
    • Provision the workspace.
    • Configure model provisioning.
    Each of these steps are described below.
  2. The first step in the process is to Select the LLM Provider; this page displays the total number of available providers. Choose the provider(s), then click Next: Set Details.
    At any point during the configuration process you can save your selections and return by clicking Save for Later.
  3. Configure Integration Details. Use this step to configure the following sections:
    1. Enter Basic Information. Provide a name, optionally provide a description, enter the Slug and include the API Key.
      A slug is an identifier for a provider or integration within the AI Gateway. For instance, provider slugs can be found in the Model Catalog and are used in API calls to specify a particular provider.
    2. Enter Optional Fields. Optionally provide the project ID and specify the organization.
    3. Configure Advanced Options. Include the Custom Host and Custom Headers. The custom host is used to route requests to privately hosted or local models using custom host URLs, and understand host validation and security rules. A custom header is for MCP servers using API keys or static tokens; these headers are included with every request; all users share the same credentials.
      Click Add Header to include a new custom host and custom header.
    4. Configure a Pricing Adjust Multiplier. This section is used to apply discount or markup multipliers to your integration so cost tracking reflects your effective rate with a provider. Use the toggle to enable this functionality.
      When you configure the multiplier, you select the mode (Form, the default, or JSON). Use Form for the most common token types. Use the JSON editor for the full multiplier shape, including reasoning, audio, image, and additional units.
      Pricing Adjustments let you apply a discount or markup to an integration, so cost tracking reflects your effective rate with that provider. A multiplier of 1 leaves pricing unchanged. 0.8 applies a 20% discount. 1.2 applies a 20% markup. This is especially useful for:
      • Negotiated Discounts: Reflect enterprise contracts or committed-use rates from a provider on the corresponding Integration.
      • Internal Cost Showback: Apply a markup so the cost reported to internal teams or workspaces includes your platform overhead.
      • Custom Per-Integration Rates: Maintain different effective pricing across multiple Integrations of the same provider (e.g. a discounted production Integration alongside a standard-rate sandbox).
      For a discount, convert the percentage to a multiplier with:
      multiplier = 1 - (discount% / 100)
      Example: a 10% discount on Default and a 15% discount on Request Tokens:
      • Default1 - (10 / 100) = 0.90
      • Request Tokens1 - (15 / 100) = 0.85
      Request Tokens use 0.85; Response Tokens, Cache Read Tokens, and Cache Write Tokens inherit 0.90 from Default.
  4. Setup Workspace Provisioning. Workspace provisioning determines which teams and projects can access this Integration. This is crucial for maintaining security boundaries and ensuring teams only access approved AI resources. Workspace provisioning works when you share credentials with a workspace:
    • That workspace sees it as an AI Provider in their Model Catalog.
    • They can use it immediately; no need to enter credentials again.
    • Set different budgets/rate limits for each workspace.
    • Revoke access anytime.
    1. Select which workspaces should have access:
      • All workspaces: Grants access to every workspace in your organization.
      • Specific workspace: Choose individual workspaces that need access.
    2. For each workspace, use the Set Value option to configure budget and rate limits. These options provide financial and usage guardrails for your AI operations; they include:
      • Custom budget limits. Budget Limits on Integrations provide a simple way to manage your spending on AI providers (and LLMs), giving you confidence and control over your application’s costs. They act as financial guardrails, preventing unexpected AI costs across your organization. These limits cascade down to all AI Providers created from this Integration.
      • Custom rate limits. Rate limits control the velocity of API usage, protecting against runaway processes and ensuring fair resource distribution across teams.
      • Specific model access. Used to define specific models that have access.
    3. Add Rate Limits. Rate limits control the velocity of API usage, protecting against runaway processes and ensuring fair resource distribution across teams. You set Rate Limits by defining them through a Request or by Token. Use the toggle to enable a budget for the Integration. Use the toggle to enable rate limits for the Integration.
      Consider the following configuration options:
      Limit Types
      • Request-based: Limit number of API calls (e.g., 1000 requests/minute)
      • Token-based: Limit token consumption rate (e.g., 1M tokens/hour)
      Time Windows
      Choose from three different time intervals for your rate limits:
      • Per Minute: Limits reset every minute, ideal for fine-grained control.
      • Per Hour: Limits reset hourly, providing balanced usage control.
      • Per Day: Limits reset daily, suitable for broader usage patterns.
      Key Considerations for Rate Limits
      • Rate limits can be set as either request-based or token-based.
      • Time intervals can be configured as per minute, per hour, or per day.
      • Setting the limit to 0 disables the provider.
      • Rate limits apply immediately after being set.
      • Once set, rate limits cannot be edited by any organization member.
      • Rate limits work for all providers available on AI Gateway and apply to all organization members who use the provider.
      • After a rate limit is reached, requests will be rejected until the time period resets.
      Use Cases for Rate Limits
      • Cost Control: Prevent unexpected usage spikes that could lead to high costs.
      • Performance Management: Ensure your application maintains consistent performance.
      • Fairness: Distribute API access fairly across teams or users.
      • Security: Mitigate potential abuse or DoS attacks.
      • Provider Compliance: Stay within the rate limits imposed by underlying AI providers.
      Exceeding Rate Limits
      When a rate limit is reached:
      • Subsequent requests are rejected with a specific error code.
      • Error messages clearly indicate that the rate limit has been exceeded.
      • The limit automatically resets after the specified time period has elapsed.
    4. Add Budget Limits. Budget Limits on Integrations provide a simple way to manage your spending on AI providers (and LLMs) - giving you confidence and control over your application’s costs. They act as financial guardrails, preventing unexpected AI costs across your organization. These limits cascade down to all AI Providers created from this Integration. You set Budget Limits by defining them through a Request or by Token. Use the toggle to enable a budget for the Integration.
      You can configure budget limits to automatically reset at regular intervals. Use the Reset Cadence to:
      • No Periodic Reset: The budget limit applies until exhausted with no automatic renewal.
      • Reset Weekly: Budget limits automatically reset every week.
      • Reset Monthly: Budget limits automatically reset every month.
      Reset timing:
      • Weekly resets occur at the beginning of each week (Sunday at 12 AM UTC).
      • Monthly resets occur on the 1st calendar day of the month, at 12 AM UTC, irrespective of when the budget limit was set prior.
      When using budget limits, consider the following:
      Cost-based limits (by request)
      Set a budget limit in USD that, once reached, will automatically expire the key to prevent further usage and overspending.
      Token-based limits
      Set a maximum number of tokens that can be consumed, allowing you to control usage independent of cost fluctuations.
      Key Considerations for Budget Limits
      • Budget limits can be set as either cost-based (USD) or token-based.
      • The minimum cost limit you can set is $1.
      • The minimum token limit you can set is 100 tokens.
      • Budget limits apply until exhausted or reset.
      • Budget limits are applied only to requests made after the limit is set; they do not apply retroactively.
      • Once set, budget limits cannot be edited by any organization member.
      • Budget limits work for all AI providers created using AI Gateway using the given.
    5. Click Save to apply your changes.
  5. Configure Model Provisioning. Model lists are tied to Integrations. When you create an Integration, you control which models are available. All Providers created from that Integration will only have access to the models you’ve enabled. This is essential for:
    • Controlling costs: Restrict access to expensive models.
    • Ensuring compliance: Limit models to approved ones.
    • Maintaining consistency: Standardize model usage across teams.
    1. Select all models to provide access offered by the provider.
    2. Select specific models to create an allowlist of approved models.
    3. Use the Set Price action to configure additional elements.
  6. After configuring all elements for adding LLM integration using AI Gateway, click Create Integration.