Prisma AIRS
Deploy Prisma AIRS AI Runtime: Network Intercept in Public Clouds
Table of Contents
Deploy Prisma AIRS AI Runtime: Network Intercept in Public Clouds
Deploy Prisma AIRS AI Runtime: Network intercept in public
clouds.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
This section provides an overview of the deployment workflow overview for Prisma AIRS AI Runtime: Network intercept and VM-Series firewalls in public cloud environments. It can be deployed
in-line with your traffic to actively monitor and protect your network in real-time.
You can use the deployment workflow in Strata Cloud Manager (Insights →
Prisma AIRS > Prisma AIRS AI Runtime: Network intercept)
to generate a Terraform template. This template deploys either Prisma AIRS AI Runtime: Network intercept or VM-Series firewalls in your cloud environment.
Management: Depending on the deployment Terraform type that you create
and deploy in your environment, the firewall can be managed by either Strata Cloud Manager or Panorama.
The following sections summarize the deployment workflow, provide links to detailed
steps, and explain how to view and manage your deployment Terraform templates.
Additional Deployment Options:
- VM-Series firewall deployment: See Deploy a VM-Series Firewall from Strata Cloud Manager.
- Manual deployment and bootstrapping: See Manually Deploy and Bootstrap Prisma AIRS AI Runtime: Network Intercept.
Deploy, Configure, and Secure High-Level Workflow
This is the high-level workflow to:
- Deploy Prisma AIRS AI Runtime: Network intercept and
VM-Series firewall.Select the deployment workflow for your chosen platform and cloud provider.
- Configure Strata Cloud Manager or Panorama to secure your
resources: VM workloads and Kubernetes clusters (at the namespace level with
traffic steering inspection). Also, configure interfaces, zones, NAT policy,
and routers.Enable SSL/TLS decryption on Prisma AIRS: Network intercept to decrypt traffic between AI applications and the AI models to detect and enforce AI security protection.
- (Optional) Configure IP-tag harvesting to collect the application tags from your public and hybrid Kubernetes clusters and enforce security policy rules based on these harvested application tags.
- Create security policy rules to inspect AI and traditional traffic.
- Monitor: Threat Logs and AI Security Logs.
View and Manage Terraform Templates
- Log in to Strata Cloud Manager.
- Navigate to .
- Click on the shield icon on the top right.
![]()
- View a list of templates under the Terraform Templates tab.
| Column Name | Description |
|---|---|
|
Terraform Template Name
|
Name of your terraform template
|
|
Status
|
Deployment status of the list terraform template
|
|
Firewall Type
|
The deployed firewall type: AI Runtime Security or VM-Series
|
|
Cloud
|
The cloud where you deployed the firewall
|
|
Deployment Type
|
The firewall deployment type
|
|
Actions
|
|
