>
    Strata Copilot
    Networks Channels Management
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma AIRS
    3. AI Red Teaming
    4. Identify AI System Risks with AI Red Teaming
    5. Get Started with Prisma AIRS AI Red Teaming
    6. Network Channels
    7. Networks Channels Management
    Download PDF
    Prisma AIRS

    Networks Channels Management

    Table of Contents

    Networks Channels Management

    Procedure to create and manage network channels.
    Where Can I Use This?What Do I Need?
    • Prisma AIRS (AI Red Teaming)
    • Prisma AIRS AI Red Teaming License
    • Prisma AIRS AI Red Teaming Deployment Profile
    A channel is a unique communication pathway that clients use to establish connections. Each channel has a unique connection URL with authentication credentials. You will need to create and validate a channel first, before using it to add a target. Multiple channels can be created for different environments and each channel can handle multiple targets accessible to it.
    All the clients connected to the same channel are treated as homogenous. For channels with multiple clients connected, the requests will be routed through any of the clients using a round robin algorithm. This helps achieve a highly available client deployment.
    The status of the channel can be one of the following:
    Channel StatusDescription
    Draft
    The channel has not connected to any client yet.
    Online
    The channel is online, connected to a client and can be used to connect to the target.
    Offline
    The channel is offline, meaning it is not connected to any client.

    Manage Channels

    To manage channels:
    1. Log in to Strata Cloud Manager.
    2. Navigate to the AI SecurityAI Red TeamingNetwork Channels in the sidebar.
      This page lists all the channels added with their details.
      You can select the channel name to view the detailed overview of the channel that includes the channel validation details along with channel installation and setup information.

    Create Channel

    Pre-requisites:
    Before creating a Network Channel, ensure you have the following tools installed and configured:
    • Kubernetes cluster—A running environment (local like Minikube/Kind, or cloud-based).
    • Kubectl—The command-line tool configured to communicate with your cluster.
    • Helm CLI—Version 3.x or higher for managing chart deployments.
    To create a new channel:
    1. Log in to Strata Cloud Manager.
    2. Navigate to AI SecurityAI Red TeamingNetwork Channels and Add Network channel.
    3. Enter the Channel Name.
    4. (Optional) Add a description.
    5. Add Channel.
      Once the channel is created, you will see the channel details along with the instructions to install and setup the client in your infra.
    6. Follow these steps for setting up the client and connecting to the channel.
      1. Setup network.
        Download the client to your desired location. Ensure the location meets the following requirements:
        • Network Access: Outbound (bidirectional) access to api.sase.paloaltonetworks.com,auth.apps.paloaltonetworks.com,registry.ai-red-teaming.paloaltonetworks.com.
        • Target Access: Access to all intended targets that will later be added via this channel. Any domains should also be resolvable if applicable.
      2. Configure Docker Registry.
        Create a pull secret using your tenant credentials:
        kubectl create secret docker-registry airs-pull-secret \
--docker-server=registry.ai-red-teaming.paloaltonetworks.com \
--docker-username=********** \
--docker-password=**********
        helm registry login registry.ai-red-teaming.paloaltonetworks.com \
--username=********** \
--password=**********
        • The docker pull secret is common across your tenant and can be generated only once.
        • To view the username and password, click the eye icon or copy to clipboard icon.
      3. Create Service Account.
        The client requires a service account to authenticate with the server. Follow the steps below to create one, or contact your admin if you lack the required permissions.
        1. Enter a name and description for the service account.
        2. Copy and save the Client ID and Client Secret.
        3. Assign a role with the "airt.network_channels_client" permission.
      4. Install Client.
        Create a pull secret using your tenant credentials:
        helm install panw-network-client oci://registry.ai-red-teaming.paloaltonetworks.com/pairs-redteam-prd-fckx/red-teaming-onprem/charts/panw-network-client:1.0.1 \
--set config.clientId=<CLIENT_ID> \
--set config.clientSecret=<CLIENT_SECRET> \
--set config.channelId=6eedd19e-649d-43d1-9135-032891976b2f
      5. Verify Connection & Validate Channel.
        Check the logs to ensure everything is configured correctly. Look for a message that says: "Connected to the server". Alternatively, you can select the Validate Channel to confirm the connection. If successful, the channel status will update to Online.
    7. Once the channel is validated and online, it's ready to be used to create a target.

    © 2026 Palo Alto Networks, Inc. All rights reserved.