Overview
This method of traffic redirection should be used for trials, pilots, and limited deployments. In most cases, using this method most end users will be able to bypass the security and governance that SurePath AI provides. For production deployments, customers should use a redirection method that can not be easily bypassed.
Devices accessing GenAI sites using the SurePath solution will also be required to add the SurePath AI security certificates. In large quantities this could be an onerous task without automation or an MDM tool.
Prerequisites
SurePath AI Root Certificate (get this from you SurePath AI Field CTO)
DNS over HTTP (DoH) Address (in this document)
Use a web browser capable of DoH (We will show how to do this with Google Chrome)
Procedures
All Operating Systems and Browsers
All operating systems will need these files and information.
DoH server URL
Configuration validate page
This site will also allow downloads of the SurePath AI security certificates should you not have them already.
Setup Chrome on Windows
In Google Chrome, select Chrome Menu > Settings
From the left navigation bar select Privacy and security > Security
Turn on Use secure DNS with the toggle
3. Select Add custom DNS service provider from the drop down menu
4. Enter the SurePath DoH server address into the field provided
Install the SurePath Security Certificate on Windows
Press Win + r keys to open the Run dialog
Enter certmgt.msc into the window and press Enter
On the left side select Trusted Root Certificate Authorities
Certificates should now be visible on the right
3. Right Click on Certificates
4. Select All Tasks > Import
5. Click Next until you get the save dialog.
6. Setup is complete and you can do Configuration Validation next.
Configuration Validation
Once you have completed interception with SASE software or a DoH setup you can use the following website to ensure that GenAI traffic will pass through the SurePath AI system.
Navigate to https://ready.surepath.ai/
This webpage will let you know if you are configured properly.