Verify Global Secure Access Readiness for AI Workloads

Implementation Effort: Low – Verification and validation of existing infrastructure; no new deployments if GSA is already in place.
User Impact: Low – This is an admin-only readiness check with no effect on end users or agent operations.

Overview

Every AI-specific network security control in this functional area — web content filtering for AI app categories, prompt injection detection, content inspection, and Copilot Studio agent routing — depends on Microsoft Entra Internet Access being operational with TLS inspection enabled. These are general-purpose Global Secure Access capabilities that secure all internet-bound traffic, not just AI workloads. If the organization has already deployed GSA through its network security program, this task is a confirmation checkpoint. If GSA is not yet in place, this task surfaces that dependency so the network team can prioritize it before AI-specific policies are configured.

Internet Access traffic forwarding routes user and agent traffic through Microsoft's Security Service Edge for inline inspection. Without it, none of the downstream filtering or protection policies have a traffic path to enforce against. TLS inspection decrypts HTTPS sessions so that content-level controls — prompt policies, file policies, web category filtering — can inspect what is actually being sent to and received from AI services. Without TLS inspection, encrypted traffic passes through uninspected and all content-based protections are blind. Beyond the traffic path itself, two additional platform capabilities apply to AI traffic but are not AI-specific and should already be configured through the network security program: network content filtering file policies that block dangerous MIME types such as executables, archives, and scripts while generating DLP alerts when rules trigger, and Purview sensitivity label scanning that enforces DLP on labeled documents across all GSA-routed traffic. If either capability is missing, coordinate with the network and data protection teams before proceeding — AI services benefit from these controls but do not own them.
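The following script is an added readiness check, not part of the original page or Microsoft's own tooling. It queries Microsoft Graph for the two prerequisites described above and assumes the Microsoft.Graph PowerShell SDK, the NetworkAccess.Read.All permission, and the Graph beta endpoints /networkAccess/forwardingProfiles and /networkAccess/tlsInspectionPolicies with the property names used below; those endpoint and property names are assumptions to confirm against current Graph documentation.

```powershell
# Added example: verify the two GSA prerequisites the AI network controls depend on.
# Assumptions (not from the page): Microsoft.Graph PowerShell SDK installed; caller holds
# NetworkAccess.Read.All; Graph beta exposes /networkAccess/forwardingProfiles (state,
# trafficForwardingType) and /networkAccess/tlsInspectionPolicies (settings.defaultAction).
Connect-MgGraph -Scopes 'NetworkAccess.Read.All' -NoWelcome

$base     = 'https://graph.microsoft.com/beta/networkAccess'
$findings = [System.Collections.Generic.List[string]]::new()

function Get-GsaCollection([string]$Path) {
    # Graph collections come back as { value: [...] }; normalise to an array.
    $resp = Invoke-MgGraphRequest -Method GET -Uri "$base/$Path" -ErrorAction Stop
    return @($resp.value)
}

# 1. Traffic path: the Internet Access forwarding profile must exist and be enabled,
#    otherwise web filtering, prompt and file policies have no traffic to evaluate.
$internet = Get-GsaCollection 'forwardingProfiles' |
    Where-Object { $_.trafficForwardingType -eq 'internet' } | Select-Object -First 1
if (-not $internet) {
    $findings.Add('FAIL  Internet Access forwarding profile not found')
} elseif ($internet.state -ne 'enabled') {
    $findings.Add("FAIL  Internet Access forwarding profile is '$($internet.state)', not 'enabled'")
} else {
    $findings.Add('PASS  Internet Access traffic forwarding is enabled')
}

# 2. Inspection: at least one TLS inspection policy must default to 'inspect'; with
#    'bypass' (or no policy) HTTPS to AI services is opaque to content-level controls.
$tlsPolicies = Get-GsaCollection 'tlsInspectionPolicies'
$inspecting  = @($tlsPolicies | Where-Object { $_.settings.defaultAction -eq 'inspect' })
if ($tlsPolicies.Count -eq 0) {
    $findings.Add('FAIL  no TLS inspection policy defined')
} elseif ($inspecting.Count -eq 0) {
    $findings.Add('FAIL  TLS inspection policies exist but none defaults to inspect')
} else {
    $findings.Add("PASS  $($inspecting.Count) TLS inspection policy(ies) default to inspect")
}

$findings | ForEach-Object { Write-Output $_ }
if ($findings -match '^FAIL') {
    Write-Warning 'GSA is not ready for AI-specific network policies; coordinate with the network team.'
    exit 1
}
```

The TLS check only confirms that an inspecting policy exists; whether it is linked to a security profile that Conditional Access actually assigns to the users and agents in scope still has to be confirmed separately.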

This supports Assume breach by ensuring the network inspection infrastructure is in place before AI workloads are onboarded, rather than discovering the gap after agents are already communicating with external AI services unmonitored. It supports Verify explicitly by confirming that the traffic path and content-level protections exist for policy enforcement — without this verification, subsequent tasks create policies that are never evaluated against real traffic. If this readiness check is skipped, the organization risks deploying AI-specific network policies that appear configured but are not enforcing, creating a false sense of security.

Reference