
AI Gatewell

Security Management Console




Test Your Rules

Simulate a request to check which rules would trigger without sending data to the LLM.


Connect to the Firewall

Route any AI tool through the firewall for DLP inspection, audit logging, and policy enforcement. Supports Anthropic and OpenAI-compatible formats.

  • Anthropic: port 8080, path /v1/messages
  • OpenAI: port 8080, path /v1/chat/completions
  • Management: port 80

Anthropic Format (Claude Code, Anthropic SDK, Claude API)

Claude Code (CLI) (Recommended)

Set one environment variable before launching Claude Code.

# Set once in your shell profile
export ANTHROPIC_BASE_URL="http://<firewall-host>:8080"
claude
Python — Anthropic SDK
Node.js — Anthropic SDK
Python Agent Template

OpenAI-Compatible Format (Cursor, Aider, Continue.dev, Groq, Together, Mistral, DeepSeek, Ollama, vLLM)

Cursor IDE (Popular)
Aider
Continue.dev (VS Code)
Python — OpenAI SDK
Node.js — OpenAI SDK
cURL / Any OpenAI-Compatible Tool

Infrastructure

Docker — Same Network
Environment Variables

Variable             Default                     Description
UPSTREAM_URL         https://api.anthropic.com   Anthropic upstream endpoint
OPENAI_UPSTREAM_URL  https://api.openai.com      OpenAI-compatible upstream endpoint
MANAGEMENT_URL       http://management:9000      Management server URL
REDIS_URL            -                           Redis for caching + rate limiting
RATE_LIMIT_RPM       60                          Per-IP requests per minute
CACHE_TTL            3600                        Response cache TTL (seconds)

Supported Providers

Any tool that lets you set a custom base URL can route through the firewall. The same DLP rules apply across all providers.

  • Anthropic: /v1/messages
  • OpenAI: /v1/chat/completions
  • Groq: OpenAI-compatible
  • Together: OpenAI-compatible
  • Mistral: OpenAI-compatible
  • DeepSeek: OpenAI-compatible
  • Ollama: OpenAI-compatible
  • vLLM: OpenAI-compatible

Browser Extension: intercept ChatGPT, Claude.ai, Gemini web usage

Chrome / Edge Extension

Monitors AI web apps (ChatGPT, Claude.ai, Gemini, Perplexity) and enforces DLP rules before prompts are sent.

1. Download the extension zip and extract it
2. Open chrome://extensions and enable Developer Mode
3. Click "Load unpacked" and select the extracted folder
4. Click the extension icon and enter your Gatewell URL + agent credentials

Requires an extension-type agent created in the Agents tab.

Device Agent: local proxy for desktop AI tools (Copilot, Claude Desktop, etc.)

Gatewell Device Agent

Runs a local proxy on localhost:8100 that routes AI traffic through the cloud firewall. Auto-configures shell env vars for Anthropic and OpenAI tools.

# Install and run
./gatewell-device-agent --install --daemon

# Or run manually
./gatewell-device-agent --daemon

Builds: Windows (.exe), macOS (.dmg), Linux (binary)

Requires a device-type agent created in the Agents tab. Download binaries from the GitHub Releases page.

Add Webhook

Webhook secret (shown once)


Payload Format

// Headers
X-Webhook-Event: alert
X-Webhook-Signature: sha256=<hmac-sha256-hex>
X-Webhook-ID: <webhook-id>

// Body
{
  "rule_id": 3,
  "rule_name": "Block: Secrets",
  "user_id": "alice",
  "blocked": true,
  "timestamp": "2026-03-12T10:00:00Z"
}
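
A receiver-side check for the signature header above, as an added example that is not Gatewell's own code. It assumes the HMAC-SHA256 is keyed with the webhook secret and computed over the raw request body bytes, which the page does not state; `sign`, `verify_webhook` and the sample secret are constructed for illustration.

```python
import hashlib
import hmac
import json

PREFIX = "sha256="

def sign(secret, raw_body):
    """Header value for raw_body: 'sha256=' + hex HMAC-SHA256 keyed with the secret."""
    return PREFIX + hmac.new(secret, raw_body, hashlib.sha256).hexdigest()

def verify_webhook(secret, headers, raw_body):
    """Authenticate one delivery; return the parsed event or raise ValueError."""
    hdrs = {k.lower(): v.strip() for k, v in headers.items()}
    received = hdrs.get("x-webhook-signature", "").lower()
    if not received.startswith(PREFIX):
        raise ValueError("missing or malformed X-Webhook-Signature")
    # Constant-time compare over the bytes exactly as received: re-serialising
    # the JSON first could change whitespace or key order and break the MAC.
    if not hmac.compare_digest(sign(secret, raw_body).encode(), received.encode()):
        raise ValueError("signature mismatch")
    # Parse only after the body is authenticated.
    return {
        "event": hdrs.get("x-webhook-event"),
        "webhook_id": hdrs.get("x-webhook-id"),
        "alert": json.loads(raw_body),
    }

# Constructed sample: placeholder secret, body taken from the payload format above.
SAMPLE_SECRET = b"PLACEHOLDER-WEBHOOK-SECRET"
SAMPLE_BODY = json.dumps({
    "rule_id": 3,
    "rule_name": "Block: Secrets",
    "user_id": "alice",
    "blocked": True,
    "timestamp": "2026-03-12T10:00:00Z",
}).encode()
SAMPLE_HEADERS = {
    "X-Webhook-Event": "alert",
    "X-Webhook-Signature": sign(SAMPLE_SECRET, SAMPLE_BODY),
    "X-Webhook-ID": "1",
}

if __name__ == "__main__":
    print(verify_webhook(SAMPLE_SECRET, SAMPLE_HEADERS, SAMPLE_BODY))
    try:
        verify_webhook(SAMPLE_SECRET, SAMPLE_HEADERS, SAMPLE_BODY.replace(b"true", b"false"))
    except ValueError as exc:
        print("rejected:", exc)
```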

Create API Key

API Key (shown once — copy now!)


How it works: When API keys exist, all requests to the firewall must include a valid X-API-Key header (sk-fw-*). If no keys are created, the firewall runs in open mode (no key required). All keys are validated — no bypass for any prefix.


Register Agent

Agent created! Save these credentials (shown once):

Agent ID: {{ newAgentId }}
Secret: {{ newAgentSecret }}

Extension Setup

Give these credentials to the user. In the browser extension popup:

1. Enter the Server URL: {{ agentManagementUrl }}
2. Enter the Agent ID and Agent Secret from above
3. Click Connect; the extension will monitor AI sites

The extension checks status every 30 seconds. Blocking this agent instantly disables prompt submission on all AI sites.

Device Agent Setup

Install and start the device agent on the target machine:

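# -o saves the download under the name the python commands expect (curl -O would
# name it "device-script"); export keeps the variables set for both python runs.
pip install flask requests waitress && \
curl -fsSo gatewell_device_agent.py {{ agentManagementUrl }}/api/agents/device-script && \
export AGENT_ID={{ newAgentId }} \
       AGENT_SECRET={{ newAgentSecret }} \
       MANAGEMENT_URL={{ agentManagementUrl }} && \
python gatewell_device_agent.py --install && \
python gatewell_device_agent.py --daemon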

What this does:

  • --install configures shell env vars so AI tools route through the local proxy
  • --daemon starts the proxy on localhost:8100 + heartbeat
  • Intercepts: Claude Code, Codex CLI, Cursor, Aider, and all OpenAI-compatible tools
  • Detects the logged-on OS user and includes it in audit logs

Or download a compiled binary from GitHub Releases (Windows .exe, macOS .dmg, Linux binary).

Save as .env next to the device agent script:

AGENT_ID={{ newAgentId }}
AGENT_SECRET={{ newAgentSecret }}
MANAGEMENT_URL={{ agentManagementUrl }}
PROXY_PORT=8100
HEARTBEAT_MINUTES=5

Then run: python gatewell_device_agent.py --install && python gatewell_device_agent.py --daemon

Linux systemd service:

[Unit]
Description=Gatewell Device Agent — AI DLP Proxy
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
Environment=AGENT_ID={{ newAgentId }}
Environment=AGENT_SECRET={{ newAgentSecret }}
Environment=MANAGEMENT_URL={{ agentManagementUrl }}
Environment=PROXY_PORT=8100
Environment=HEARTBEAT_MINUTES=5
ExecStart=/usr/bin/python3 /opt/gatewell/gatewell_device_agent.py --daemon
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target

macOS: use launchd plist or run the compiled binary directly.

Install on agent machine

Run this single command on the target machine:

# -o saves the download as gatewell_agent.py (curl -O would name it "script").
pip install requests && \
curl -fsSo gatewell_agent.py {{ agentManagementUrl }}/api/agents/script && \
AGENT_ID={{ newAgentId }} \
AGENT_SECRET={{ newAgentSecret }} \
MANAGEMENT_URL={{ agentManagementUrl }} \
python gatewell_agent.py --daemon

Save as .env next to the script:

AGENT_ID={{ newAgentId }}
AGENT_SECRET={{ newAgentSecret }}
MANAGEMENT_URL={{ agentManagementUrl }}
HEARTBEAT_MINUTES=30

Then run: python gatewell_agent.py --daemon

Save as /etc/systemd/system/gatewell-agent.service:

[Unit]
Description=Gatewell Agent — IP Heartbeat
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
Environment=AGENT_ID={{ newAgentId }}
Environment=AGENT_SECRET={{ newAgentSecret }}
Environment=MANAGEMENT_URL={{ agentManagementUrl }}
Environment=HEARTBEAT_MINUTES=30
ExecStart=/usr/bin/python3 /opt/gatewell/gatewell_agent.py --daemon
Restart=always
RestartSec=30

[Install]
WantedBy=multi-user.target

Then: sudo systemctl enable --now gatewell-agent
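
Both systemd units above set AGENT_SECRET on an Environment= line, and systemd's documentation advises against passing secrets that way because a unit's environment settings are readable by unprivileged clients over D-Bus. The following added example (not part of Gatewell) audits a unit for such lines and checks that an EnvironmentFile= target is private; the name heuristic, the sample values and the /etc/gatewell/agent.env path are assumptions.

```python
import os
import re
import shlex
import stat

# Variable names that usually carry credentials (a heuristic assumed for this example).
SECRET_NAME = re.compile(r"SECRET|TOKEN|PASSWORD|API_?KEY", re.IGNORECASE)

def audit_unit(unit_text):
    """Return (line_number, variable_name) for secrets set inline via Environment=."""
    findings = []
    section = None
    for lineno, raw in enumerate(unit_text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        if section != "Service" or not sep or key.strip() != "Environment":
            continue
        # One Environment= line may hold several quoted NAME=value pairs.
        for pair in shlex.split(value):
            name, has_value, _ = pair.partition("=")
            if has_value and SECRET_NAME.search(name):
                findings.append((lineno, name))
    return findings

def env_file_is_private(path):
    """True when the EnvironmentFile= target grants nothing to group or others."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077 == 0

# Constructed sample mirroring the unit on this page; the values are placeholders.
WEAK_UNIT = """\
[Unit]
Description=Gatewell Agent
[Service]
Type=simple
Environment=AGENT_ID=agent-123
Environment=AGENT_SECRET=PLACEHOLDER-SECRET
Environment=HEARTBEAT_MINUTES=30
ExecStart=/usr/bin/python3 /opt/gatewell/gatewell_agent.py --daemon
"""

# Same service with the credentials moved to a root-only file (mode 0600).
# /etc/gatewell/agent.env is a hypothetical path, not one the page defines.
HARDENED_UNIT = WEAK_UNIT.replace(
    "Environment=AGENT_ID=agent-123\nEnvironment=AGENT_SECRET=PLACEHOLDER-SECRET\n",
    "EnvironmentFile=/etc/gatewell/agent.env\n",
)

if __name__ == "__main__":
    print(audit_unit(WEAK_UNIT), audit_unit(HARDENED_UNIT))
```

The environment file holds the same AGENT_ID, AGENT_SECRET and MANAGEMENT_URL lines as the .env shown earlier.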


How it works: This tab shows all connected clients — machine agents (IP heartbeat), device agents (local AI proxy), and browser extensions (web DLP). Device agents run a local proxy that intercepts Claude Code, Codex CLI, Cursor, Aider, and all AI tools — applying DLP rules before forwarding. They auto-configure shell env vars and detect the logged-on OS user. Extensions intercept web AI (ChatGPT, Claude.ai, Gemini, Perplexity). Machine agents register their public IP for firewall allowlisting. Agents seen within the last hour are considered online. Blocking any agent immediately stops its access.

Agent Risk Scoring

  • Global threshold: alert when agent score exceeds this
  • Daily threshold: alert when daily points exceed this
  • Points per blocked alert
  • Points per warning alert
  • Alerts in 30min to trigger burst bonus
  • Alerts in 3hrs to trigger burst bonus
  • Score halves after this many quiet days

Registered Agents


No agents registered — IP filtering is disabled


Browser Extension

Intercept and check AI prompts on web platforms before submission. Enforces the same DLP rules used by the API firewall.

ChatGPT, Claude.ai, Gemini, Perplexity


Install the Extension

1. Create an Extension agent

Go to the Agents tab, select type Extension, and create. Save the Agent ID and Secret.

2. Download and load in Chrome

Download the zip (ai-gatewell-extension.zip), extract it, then go to chrome://extensions, enable Developer Mode, and click "Load unpacked" to select the folder.

3. Connect with Agent ID + Secret

Click the extension icon, enter your server URL, Agent ID, and Agent Secret, then click Connect. No username or password needed.

4. Monitor and block from the Agents tab

The extension appears as a connected agent. Block it anytime; the user will see a full-page "Access Blocked" overlay on all AI sites within 30 seconds.

How It Works

  • Intercept: hooks into the input areas and submit buttons of AI web platforms.
  • Check: sends the text to Gatewell for DLP rule evaluation (regex, semantic, presets).
  • Enforce: blocks or warns before submission. All interactions are logged to the audit trail.

AI Rule Generator

Describe what you want to protect against — AI generates the DLP rules for you


LLM Scoring

Use AI to score every prompt for malicious intent (jailbreaks, injection, exfiltration)

How it works

1. Every prompt longer than {{ llmScoringConfig.min_length }} characters is sent to an LLM for analysis
2. The LLM returns a risk score from 0 (safe) to 100 (malicious)
3. Score ≥ {{ (llmScoringConfig.threshold_alert * 100).toFixed(0) }} triggers an alert with AI explanation
4. Score ≥ {{ (llmScoringConfig.threshold_block * 100).toFixed(0) }} blocks the request entirely

Model, e.g. gpt-4o-mini, gpt-4o, gpt-4-turbo or claude-haiku-4-5-20251001, claude-sonnet-4-5-20241022

API key: managed in the System tab

  • Alert threshold: score ≥ this triggers an alert (but allows the request)
  • Block threshold: score ≥ this blocks the request entirely
  • Minimum length: only score prompts with ≥ this many characters

Score Ranges

0–19: Safe
20–49: Low Risk
50–79: Suspicious
80–100: Critical

Test Scoring

Try the LLM scorer with a sample prompt to see how it responds.



System

Server info, database stats, and configuration


LLM API Key

This key is used for both LLM Scoring and AI Rule Generator features.
