Synopsis
The article provides a checklist of common dependencies and issues to avoid while populating the Generative AI dashboard.

Checklist to avoid common issues while populating the Generative AI dashboard

• Do the systems have an active access method?
  
  
  
  • Client
  
  
  • Tunnel
  
  
  • Etc.
  
  
  
  


• Are users actively steering the traffic?
  
  
  
  • SWG Steering
    
    
    
    • It is important to ensure that the “Generative AI” Category is not in the steering exceptions
    
    
    
    
  
  
  • CASB Steering
    
    
    
    • If you are in; "Traffic Steering: Cloud Apps Only" we will need to explicitly steer the default steerable applications
      
      
      
      • Select the steering configuration at https://<tenant_name>.goskope.com/ns#/settings?view=steering_config
      
      
      • Select "Add Steered Item"
        
        
        
        • 
        
        
        
        
      
      
      • Select "Generative AI" in the category selection drop down and then select all of the Generative AI applications you desire to gain visibility and control on. 
        
        
        
        •  
        
        
        • Please note: Bing.AI is part of "Microsoft Bing" and will need to also be added to steering explicitly.
        
        
        
        
      
      
      
      
    
    
    
    
  
  
  
  


• Are you SSL Decrypting the traffic?


• Do you have IPS enabled in your tenant? 
  
  
  
  • If you/r user are experiencing this issue they are likely seeing, "403 Forbidden" response from some CloudFlare resources when egressing"
  
  
  • https://support.netskope.com/s/article/Generative-AI-applications-such-as-ChatGPT-can-fail-with-IPS-enabled
  
  
  
  


• Are you attempting to apply Bing.AI controls?
  
  
  
  • Context: https://support.netskope.com/s/article/Microsoft-Bing-use-cases-for-Policy-configuration-changes-in-Bing-Traffic
  
  
  • Use Cases
    
    
    
    • ​​​​​​​Use case 1 : Block data exfiltration from chat messages in case of a DLP violation
    
    
    • Use case 2: Block ALL chat messages from Bing
    
    
    
    
  
  
  • ​​​​​​​Dependencies: Contact your Netskope Field team to have this feature enabled; If this is not enabled, the above use cases are not possible
  
  
  • Please note: It is currently expected behavior for end-users to have to refresh the Bing.AI Chat session to proceed after a blocked post.
  
  
  
  

If you would like to better understand the key dependencies of gaining visibility and control of traffic through Netskope we have prepared a training that covers;

• Introduction: “What are SSE and SASE?” ~ 3 minutes


• Part-1: SASE/SSE Explained ~ 10 minutes


• Part-2: Netskope Context & Where do we start? ~ 10 minutes


• Part-3: Netskope NewEdge ~ 10 minutes


• Part-4: Working with Netskope ~ 3 minutes

Netskope Fundamentals