>
    Strata Copilot
    Create an AI Security Profile
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma AIRS
    3. Administration
    4. Defend: Create a Security Policy Rule to Prevent AI Security Threats
    5. Create an AI Security Profile
    Download PDF
    Prisma AIRS

    Create an AI Security Profile

    Table of Contents

    Create an AI Security Profile

    Create an AI security profile to enable AI application protection, AI data protection, and AI model protection, and add it to your security policy rules.
    Where Can I Use This?What Do I Need?
    • Create an AI Security Profile
    • Deploy Prisma AIRS: Network intercept managed by Strata Cloud Manager or Panorama
    This sections helps you create and associate an AI security profile with a security policy rule. The AI security profile inspects and secures the AI traffic between AI applications and the LLM models passing through Prisma AIRS: Network intercept managed by Strata Cloud Manager or Panorama.
    An AI security profile protects only AI traffic. You can configure the AI security profile with the following protections:
    • AI model protection to protect your AI models against threats such as prompt injections.
    • AI application protection with URL categorization.
    • AI data protection to protect against threats such as sensitive data leakage.
    This profile can only be configured from Strata Cloud Manager or Panorama.

    Strata Cloud Manager

    Create an AI security profile to enable AI application protection, AI data protection, and AI model protection, and add it to your security policy rules.
    Where Can I Use This?What Do I Need?
    • Create an AI Security Profile
    This page helps you create and associate an AI security profile with a security policy rule. The AI security profile inspects and secures the AI traffic between AI applications and the LLM models passing through Prisma AIRS AI Runtime: Network intercept managed by Strata Cloud Manager.
    1. Log in to Strata Cloud Manager.
    2. Navigate to Configuration NGFW and Prisma Access Security Services AI Security.
    3. Select the Configuration Scope as Global or limit it to your AI security profile.
    4. Select AI Security → Add Profile.
    5. Enter a Name and a Description.
    6. Add Model Group for customized protections. See Create Model Groups in Strata Cloud Manager.
      For example, a model group with URL categorization and prompt injection alert settings is attached to the following security profile for a target AI model. You can attach a security policy as a zone or a Dynamic Address Group:
      • For zone-based security, follow the use case on how to Create Traffic Objects for Zone-Based Security using specific clusters to monitor the ingress and east-west traffic. Attach this zone to a security policy rule to enforce security policy rules on the AI traffic sourced from this zone and the traffic objects within this zone.
      • For protecting the source AI applications, use Dynamic Address Groups in Policy and reference these DAGs in the security policy rule.
    7. In the Advanced Settings, configure the following:
      • Max Inline Latency: Set the maximum allowed latency for inline threat detection. The latency range is between 1 and 300 seconds.
      • Inline Timeout Action: Specify the action to be taken when the inline threat detection exceeds the max inline latency.
        • Allow
        • Alert (Report threats asynchronously)
        • Block
      • Custom Model Support: When enabled, all traffic matching this security profile will be forwarded to the Palo Alto Networks AI security cloud service for threat inspection, rather than just traffic to known model endpoints.
    8. Click Create.
    9. To push the security policy rules to the firewall, navigate to Manage Configuration Operations.
    10. Select Push Config.
      When a query is detected with the action alert or block, an AI security log is generated with the respective AI Incident Type and AI Incident Subtype.
      As the user interacts with the application and the application makes requests to an AI model, the AI security logs are generated for each security policy rule. Check the specific logs in the AI Security Report under AI Security Log Viewer.

    Configure Custom Error Response

    Customer Error Response allows you to improve the management of responses for error conditions. This feature is supported on Strata Cloud Manager (SCM). Additionally, you can use the Strata Logging Service (SLS) to view error conditions. The Custom Error Response feature includes options to set PII hashing to handle sensitive data within the custom response. Additionally, you can configure Data Loss Prevention (DLP) integration to identify and mask sensitive content before it’s included in the error messages sent back to the application.
    You can use SCM to address common and custom LLMs. This ensures that the custom error response can be applied even when traffic is directed to proprietary or non-standard AI endpoints, provided the AI Security Profile is correctly attached to the security policy rule.
    Prior to configuring Custom Error Response using SCM, ensure that you have created and associated an AI security profile with a security profile rule. The AI security profile inspects and secures the AI traffic between AI applications and the LLM models passing through the firewall managed by SCM.
    To configure Custom Error Response in SCM:
    1. Log in to Strata Cloud Manager.
    2. Navigate to Configuration NGFW and Prisma Access Security Services AI Security.
    3. Select the AI security profile you want to configure.
    4. Use the toggle to enable Custom Error Response. Disabling this feature reverts the firewall to the default behavior of dropping packets and sending a TCP reset.
    5. Use the Privacy toggle to enable or disable the hashing of PII to handle sensitive data within the custom response.
    6. Use the DLP toggle to enable or disable the integration of DLP to identify and mask sensitive content before it’s included in the error messages sent back to the application.

    Panorama

    Create an AI security profile to enable AI application protection, AI data protection, and AI model protection, and add it to your security policy rules.
    Where Can I Use This?What Do I Need?
    • Create an AI Security Profile
    This section helps you create and associate an AI security profile with a security policy rule. The AI security profile inspects and secures the AI traffic between AI applications and the LLM models passing through Prisma AIRS AI Runtime: Network intercept managed by Panorama.
    Prerequisites:
    Ensure that Panorama `CloudConnector Plugin 2.1.0` can connect to the cloud; refer to the Panorama onboarding prerequisites for detailed steps.
    1. Log in to the Panorama™ management server web interface.
    2. Select Objects Security Profiles AI Security and select Add.
    3. Enter a Name and a Description.
    4. In Model Groups, select the default model group or Add a new one for customized protections. See Create Model Groups for Customized Protections.
      Deleting a default model results in a commit failure.
    5. In the Advanced Settings, configure the following:
      • Max Inline Latency: Set the maximum allowed latency for inline threat detection. The latency range is between 1-300 seconds.
      • Inline Timeout Action: Specify the action to take if inline threat detection exceeds the Max Inline Latency.
        • Allow
        • Alert (Report threats asynchronously)
        • Block
      • Custom Models: Enable threat detection for custom models.
        All traffic matching this security profile will be forwarded to the Palo Alto AI Security cloud service for threat inspection, rather than just traffic going to known model endpoints. When this is enabled, make sure your security policy's destination is configured for your specific custom AI model endpoints.
    6. Select OK.
      In Panorama, you can either attach the security profile to the security policy rule or a security profile group (Objects Security Profile Groups).
      Next, to push the security policy rules to the firewall, navigate to Commit → Commit and Push.
      When a query is detected with the action alert or block, an AI security log is generated with the respective AI Incident Type and AI Incident Subtype.
      As the user interacts with the application and the application makes requests to an AI model, the AI security logs are generated for each security policy rule. To view a detailed AI security report for Prisma AIRS AI Runtime: Network intercept managed by Panorama, see the threat logs page in the Panorama documentation.

    Configure Custom Error Response

    Customer Error Response allows you to improve the management of responses for error conditions. This feature is supported on Panorama. The Custom Error Response feature includes options to set PII hashing to handle sensitive data within the custom response. Additionally, you can configure Data Loss Prevention (DLP) integration to identify and mask sensitive content before it’s included in the error messages sent back to the application.
    You can use Panorama to address common and custom LLMs. This ensures that the custom error response can be applied even when traffic is directed to proprietary or non-standard AI endpoints, provided the AI Security Profile is correctly attached to the security policy rule.
    Prior to configuring Custom Error Response using Panorama, ensure that you have created and associated an AI security profile with a security profile rule. The AI security profile inspects and secures the AI traffic between AI applications and the LLM models passing through the firewall managed by SCM.
    To configure Custom Error Response in Panorama:
    1. Log in to the Panorama™ management server web interface.
    2. Select Objects Security Profiles AI Security.
    3. Select the AI security profile you want to configure.
    4. Use the toggle to enable Custom Error Response. Disabling this feature reverts the firewall to the default behavior of dropping packets and sending a TCP reset.
    5. Use the Privacy toggle to enable or disable the hashing of PII to handle sensitive data within the custom response.
    6. Use the DLP toggle to enable or disable the integration of DLP to identify and mask sensitive content before it’s included in the error messages sent back to the application.

    © 2026 Palo Alto Networks, Inc. All rights reserved.