Ctrlk
Zscaler (SPLX)

Zscaler AI Guard

Before any action on the Platform

The Enable Red Teaming Integration checkbox needs to be turned on in the Tenant Settings (Zscaler Ai Guard) page before AI Guard will authorize the Platform requests (see picture below).

Note: US SaaS and EU SaaS SPLX Production environments are mapped to the AI Guard US Prod

Figure 1: Zscaler AI Guard - Tenant Settings - Integration: Enable Red Teaming Integration checkbox

After that, copy your Zscaler UI Guard UUID as shown in the picture below.

Figure 2: Zscaler AI Guard - Tenant Settings - General: Zscaler Tenant UUID

Setup Zscaler Guard Integration on the Platform

On the Integrations tab, click the Setup button next to the Zscaler AI Guard and paste the UUID you copied earlier.

Note: The same AI Guard Tenant/Organization UUID can be mapped to more than one SPLX Tenant.

If Zscaler AI Guard is not listed as shown in the picture below, please provide the UUID you copied earlier to an SPLX engineer, who will enable it for you.

Figure 3: Integrations Settings

After that is done, you are ready to use Policy Generator following further instructions.

Creating a Policy

After you have selected Zscaler AI Guard as your AI firewall provider:

Step 1: Select Mapped Probes

Only probes that meet the required criteria are shown, and their fail rates are displayed for reference.

Probes used in this step must:

  • Have a completed probe run.

  • Have mapped policy rules.

These criteria ensure that only relevant probes are included in the generated policy, keeping configurations accurate and efficient.

Figure 1: Select Mapped Probes

Generated Policy Template Page

Once the new policy has been generated, the Generated Policy Template Page displays the full details of the result.

The top section includes key policy information:

  • AI Firewall Provider - AI firewall provider for which the policy was generated.

  • Generated on - when the policy was generated.

  • Generated by - who generated the policy.

  • Imported on - when the policy template was created.

  • Imported by - who triggered the policy generation the policy.

  • Selected probes - probes used to create a template based on the results of their runs.

  • Progress - showing whether the policy template is being generated or the generation is finished.

  • State - showing whether the policy template is imported to the Zscaler AI Guard or not.

Below the summary of the latest generated policy, there is a detailed list of configured Input and Output Detector Rules. The Input Detector evaluates and flags potentially problematic user inputs, such as harmful or sensitive queries, while the Output Detector assesses model-generated responses to ensure compliance with predefined guidelines and organizational policies. Both detectors flag specific messages based on finely tuned rules, identifying content that might violate security or ethical standards.

To apply a policy template containing these rules, users can click the "Import" button in the top-right corner of a page. This will open the Zscaler AI Guard interface, where they can configure the AI firewall settings based on the loaded template. Once the configuration is complete, the policies will be enforced in real time.

Figure 2: Latest Generated Policy Template page for Zscaler AI Guard

PreviousAWS Bedrock GuardrailsNextModel Benchmarks

Last updated

Was this helpful?