AI Requests (24h)
14,382
↑ 12% vs yesterday
Blocked by Guardrails
47
Harmful / policy violations
DLP Alerts
23
PII / sensitive data found
Active Policies
9
Gateway + AI Firewall
🤖 AI Gateway — my-corp-gateway
Central proxy for all LLM traffic in your organization
Guardrails
Real-time content moderation on prompts & responses
Data Loss Prevention (DLP)
Scan prompts/responses for PII, financial data, secrets
Authenticated Gateway
Require Bearer token for all AI API calls
Request Caching
Cache identical prompts to cut costs & latency
🔥 Zero Trust Gateway
HTTP/DNS firewall policies controlling internet access
| Policy | Action | Status |
|---|---|---|
| Block Adult Content | Block | Active |
| Block Weapons Sites | Block | Active |
| Allow Approved AI Tools | Allow | Active |
| Block Unauthorized LLMs | Block | Active |
| Log All AI Prompts | Log | Active |
LLM Access Policies
Control which AI models and providers users can access
How it works: Policies are evaluated top-to-bottom. The first matching rule wins.
Use Application selector targeting Artificial Intelligence category, or target specific LLM providers (OpenAI, Anthropic, Google Gemini, etc.)
🏗 Policy Expression Builder
Build a new policy rule using the visual expression builder below
WHEN
THEN
http.application in {"Artificial Intelligence"} → action: allow
Guardrails
Real-time content moderation for AI prompts and responses
⚙️ Evaluation Scope
Choose what Guardrails inspects
Evaluate User Prompts
Inspect content before it reaches the model
Evaluate Model Responses
Inspect AI output before delivery to user
📊 Last 24 Hours
Guardrails activity summary
Hate Speech
12 blocked
Sexual Content
18 blocked
Violence
9 flagged
Self-Harm
5 blocked
🏷 Hazard Categories
Configure which content categories to monitor and what action to take. Each category can be set to Block (prevent the request), Flag (log and continue), or Off.
| Category | Description | Scope | Action | Toggle |
|---|---|---|---|---|
| 🔞 Sexual Content | Explicit or adult sexual material | Prompts Responses | ||
| 🔫 Weapons / Violence | Firearms, weapons, instructions for violence | Prompts Responses | ||
| 🏴 Hate Speech | Discriminatory language, racism, bigotry | Prompts Responses | ||
| 💊 Illicit Drugs | Drug synthesis, procurement, or promotion | Prompts | ||
| 🗡 Self-Harm | Content promoting or instructing self-harm | Prompts Responses | ||
| 💣 Terrorism / Extremism | Extremist ideology, terror planning, propaganda | Prompts Responses |
Data Loss Prevention
Scan AI prompts and responses for sensitive data patterns
DLP for AI Gateway scans content without requiring Gateway HTTP proxy or TLS decryption — it works directly as an AI proxy. Profiles are shared with Cloudflare One Gateway DLP.
📋 Detection Profiles
Click to select profiles to apply to this gateway
PII Detection
SSN, passport, driver's license, national IDs
✓
Financial Data
Credit card numbers, IBAN, bank account numbers
✓
Healthcare (HIPAA)
Medical record numbers, health plan beneficiary IDs
✓
Credentials & Secrets
API keys, passwords, private keys, tokens
✓
Email & Contact
Email addresses, phone numbers, physical addresses
✓
Custom — ACME Confidential
Regex: internal project codes, employee IDs
✓
⚙️ DLP Policies
Define how detected sensitive data is handled
| Profile | Scan | Action |
|---|---|---|
| PII Detection | Prompts | Block |
| Financial Data | Prompts Responses | Flag |
| Credentials | Prompts | Block |
| ACME Confidential | Prompts Responses | Block |
Capture Full Prompt in Logs
Store raw prompt + response when DLP triggers for incident review
AI Prompt Topic Detection
Log the topic of prompts for compliance analytics
🧪 DLP Test Scanner
Paste sample text to see which DLP profiles would trigger
Quick test samples:
Chat Simulator
Test how Gateway policies respond to different prompts in real time
Active Policy Stack
Guardrails: Weapons, Adult, Hate, Drugs → Block
DLP: PII, Financial, Credentials → Block
Content Filter: Firearms, Adult Sites → Block
Guardrails: Violence, Terrorism → Flag
LLM Model
💬 Chat Interface
AI Gateway → GPT-4o
Hello! I'm ready to assist. Your organization's AI security policies are active — I'll let you know if any request is blocked.
📋 Gateway Event Log
[00:00:00] ALLOW — Simulator initialized. All policies active.
Try these test prompts:
HTTP Firewall Policies
Zero Trust Gateway rules controlling web & AI application access
HTTP Policies
DNS Policies
📄 Equivalent API / Terraform Expression
// Block Adult Content — HTTP policy
{
"name": "Block-Adult-Content",
"action": "block",
"filters": ["http"],
"traffic": "any(http.request.uri.content_category[*] in {2 125 133 67})",
"precedence": 10,
"enabled": true
}
// Block Weapons & Firearms — HTTP policy
{
"name": "Block-Weapons-Firearms",
"action": "block",
"filters": ["http"],
"traffic": "any(http.request.uri.content_category[*] in {85 87 157})",
"precedence": 20,
"enabled": true
}
// Allow Approved AI Tools
{
"name": "Allow-Approved-AI",
"action": "allow",
"filters": ["http"],
"traffic": "http.request.uri.content_category in {\"ChatGPT\" \"Claude\"}",
"precedence": 40,
"enabled": true
}
Content Categories
Click any category to toggle block / allow. Red = currently blocked.
7 Blocked
🔞 Adult & Explicit Content
🔫 Violence & Weapons
⚠️ Security Risks
🤖 AI Applications
Gateway Logs
Real-time log of all policy decisions
Total Events
0
Allowed
0
Blocked
0
Flagged
0