Panorama

1. Log in to the Panorama™ management server web interface.
2. Select Objects Security Profiles AI Security and select Add.
3. Enter a Name and a Description.
4. In Model Groups, select the default model group or Add a new one for customized protections. See Create Model Groups for Customized Protections.

   Deleting a default model results in a commit failure.
5. In the Advanced Settings, configure the following:

   • Max Inline Latency: Set the maximum allowed latency for inline threat detection. The latency range is between 1-300 seconds.
   • Inline Timeout Action: Specify the action to take if inline threat detection exceeds the Max Inline Latency.
     • Allow
     • Alert (Report threats asynchronously)
     • Block
   • Custom Models: Enable threat detection for custom models.
     All traffic matching this security profile will be forwarded to the Palo Alto AI Security cloud service for threat inspection, rather than just traffic going to known model endpoints. When this is enabled, make sure your security policy's destination is configured for your specific custom AI model endpoints.
6. Select OK.

   In Panorama, you can either attach the security profile to the security policy rule or a security profile group (Objects Security Profile Groups).

   Next, to push the security policy rules to the firewall, navigate to Commit → Commit and Push.

   When a query is detected with the action alert or block, an AI security log is generated with the respective AI Incident Type and AI Incident Subtype.

   As the user interacts with the application and the application makes requests to an AI model, the AI security logs are generated for each security policy rule. To view a detailed AI security report for Prisma AIRS AI Runtime: Network intercept managed by Panorama, see the threat logs page in the Panorama documentation.