SurePath AI

This method of traffic redirection should be used for trials, pilots, and limited deployments.  In most cases, using this method most end users will be able to bypass the security and governance that SurePath AI provides.  For production deployments, customers should use a redirection method that can not be easily bypassed. 

Devices accessing GenAI sites using the SurePath solution will also be required to add the SurePath AI security certificates.  In large quantities this could be an onerous task without automation or an MDM tool. 

SurePath AI Root Certificate (get this from you SurePath AI Field CTO)

DNS over HTTP (DoH) Address (in this document)

Use a web browser capable of DoH (We will show how to do this with Google Chrome)

- SurePath AI Root Certificate (get this from you SurePath AI Field CTO)
- DNS over HTTP (DoH) Address (in this document)
- Use a web browser capable of DoH (We will show how to do this with Google Chrome)

All operating systems will need these files and information.

1. <a href="https://doh.surepath.ai/dns-query" target="_blank" rel="nofollow noopener noreferrer">https://doh.surepath.ai/dns-query</a>

1. <a href="https://ready.surepath.ai" target="_blank" rel="nofollow noopener noreferrer">https://ready.surepath.ai</a>

This site will also allow downloads of the SurePath AI security certificates should you not have them already.

1. DoH server URL
 1. <a href="https://doh.surepath.ai/dns-query" target="_blank" rel="nofollow noopener noreferrer">https://doh.surepath.ai/dns-query</a>
2. Configuration validate page
 1. <a href="https://ready.surepath.ai" target="_blank" rel="nofollow noopener noreferrer">https://ready.surepath.ai</a>
3. This site will also allow downloads of the SurePath AI security certificates should you not have them already.

In Google Chrome, select Chrome Menu &gt; Settings

1. In Google Chrome, select Chrome Menu &gt; Settings

From the left navigation bar select Privacy and security &gt; Security

Turn on Use secure DNS with the toggle

1. From the left navigation bar select Privacy and security &gt; Security
2. Turn on Use secure DNS with the toggle

3. Select Add custom DNS service provider from the drop down menu

4. Enter the SurePath DoH server address into the field provided

Install the SurePath Security Certificate on Windows

Press Win + r keys to open the Run dialog

Enter certmgt.msc into the window and press Enter

1. Press Win + r keys to open the Run dialog
2. Enter certmgt.msc into the window and press Enter

On the left side select Trusted Root Certificate Authorities

Certificates should now be visible on the right

1. On the left side select Trusted Root Certificate Authorities
2. Certificates should now be visible on the right

3. Right Click on Certificates

4. Select All Tasks &gt; Import

   5.  Click Next until you get the save dialog.

   6.  Setup is complete and you can do Configuration Validation next.

Once you have completed interception with SASE software or a DoH setup you can use the following website to ensure that GenAI traffic will pass through the SurePath AI system.

Navigate to <a href="https://ready.surepath.ai/" target="_blank" rel="nofollow noopener noreferrer">https://ready.surepath.ai/</a>

This webpage will let you know if you are configured properly.

1. Navigate to <a href="https://ready.surepath.ai/" target="_blank" rel="nofollow noopener noreferrer">https://ready.surepath.ai/</a>
2. This webpage will let you know if you are configured properly.

This document will help you setup DoH in the Google Chrome browser on a Windows device.

Overview

Prerequisites

Procedures

All Operating Systems and Browsers

Setup Chrome on Windows

Install the SurePath Security Certificate on Windows

Configuration Validation