Synopsis
The article provides a checklist of common dependencies and issues to avoid while populating the Generative AI dashboard.
Checklist to avoid common issues while populating the Generative AI dashboard
- Do the systems have an active access method?
- Client
- Tunnel
- Etc.
- Are users actively steering the traffic?
- SWG Steering
- It is important to ensure that the “Generative AI” Category is not in the steering exceptions
- CASB Steering
- If you are in; "Traffic Steering: Cloud Apps Only" we will need to explicitly steer the default steerable applications
- Select the steering configuration at https://<tenant_name>.goskope.com/ns#/settings?view=steering_config
- Select "Add Steered Item"
- Select "Generative AI" in the category selection drop down and then select all of the Generative AI applications you desire to gain visibility and control on.
- Please note: Bing.AI is part of "Microsoft Bing" and will need to also be added to steering explicitly.
- If you are in; "Traffic Steering: Cloud Apps Only" we will need to explicitly steer the default steerable applications
- SWG Steering
- Are you SSL Decrypting the traffic?
- Do you have IPS enabled in your tenant?
- If you/r user are experiencing this issue they are likely seeing, "403 Forbidden" response from some CloudFlare resources when egressing"
- https://support.netskope.com/s/article/Generative-AI-applications-such-as-ChatGPT-can-fail-with-IPS-enabled
- Are you attempting to apply Bing.AI controls?
- Context: https://support.netskope.com/s/article/Microsoft-Bing-use-cases-for-Policy-configuration-changes-in-Bing-Traffic
- Use Cases
- Use case 1 : Block data exfiltration from chat messages in case of a DLP violation
- Use case 2: Block ALL chat messages from Bing
- Dependencies: Contact your Netskope Field team to have this feature enabled; If this is not enabled, the above use cases are not possible
- Please note: It is currently expected behavior for end-users to have to refresh the Bing.AI Chat session to proceed after a blocked post.
If you would like to better understand the key dependencies of gaining visibility and control of traffic through Netskope we have prepared a training that covers;
- Introduction: “What are SSE and SASE?” ~ 3 minutes
- Part-1: SASE/SSE Explained ~ 10 minutes
- Part-2: Netskope Context & Where do we start? ~ 10 minutes
- Part-3: Netskope NewEdge ~ 10 minutes
- Part-4: Working with Netskope ~ 3 minutes
