Example prompts and expected outcomes


User intent	Example prompts	Expected outcome
View policies	List all policies List all policies with rule counts List all policies and show which devices they are assigned to	Displays available access control policies and related information such as assigned devices and rule counts.
Review policy details	Describe the policy [policy name] Summarize the [policy name] policy Give me an overview of what [policy name] does	Provides a high-level summary of the selected policy, including its purpose and rule composition.
Search and filter rules	List all “Allow” rules in [policy name] Find rules using port 22 in [policy name] Show rules with source zone External in [policy name]	Retrieves rules matching the specified filters, criteria, or policy scope.
Create rules	Create a temporary “Allow” rule in [policy name] to allow [source object] to access [destination subnet] over HTTP and SSH Create an “Allow” rule in [policy name] for HTTPS traffic and attach intrusion and file policies with a business justification	Generates policy recommendations, validates referenced objects, recommends rule placement, and captures business justification for the requested policy change.
Modify rules	Update rule [rule name] to remove HTTPS access Modify rule [rule name] action to “Deny”	Updates the selected rule, validates policy impact, identifies conflicts or policy drift, and recommends additional verification if required.
Delete rules	Delete rule [rule name]	Identifies the rule, validates dependencies and policy impact, and analyzes operational considerations before deletion.
Detect expiring rules	Find expiring rules in [policy name] Describe these expiring rules Find rules expiring in the next 90 days in [policy name]	Identifies rules associated with expiring schedules and provides lifecycle management recommendations.
Review policy activity and intent	Why does rule [rule name] exist? What is the business purpose of rule [rule name]?	Retrieves rule history, business justification, and policy intent information.
Work with policy categories	List all categories in [policy name] Show rules in the DMZ category of [policy name] List rules in the outbound category of [policy name]	Displays available policy categories and retrieves rules associated with the selected category.
Cross-policy discovery	Find policies that reference object [object_name] Find policies containing object [object_name] Find rules containing keyword “AI” across all policies Find rules for IP address 192.168.10.1	Searches across multiple policies and identifies matching rules, objects, references, or IP-based relationships.
Review memory and activity	What activities did I perform? Search my activities for [policy_name] Did I recently work on any rules for the DMZ zone?	Retrieves conversationally captured rule intent, business justification, recent activity, and previously modified policy information.
Search objects	List all network objects Find port object for port 443 Find object "example_object"	Searches supported object types and returns matching configuration objects.
Create network objects	Create a host object for `10.10.10.10` named `Branch_Server` Create a network object for `10.20.0.0/16` Create an FQDN object for `example.com`	Creates the requested supported network object and validates naming and object constraints.
Create port objects	Create a TCP port object for port 443 Create a UDP port object for port 53	Creates supported TCP or UDP port objects for policy usage.
Create network groups	Create a network group containing `10.10.10.0/24` and `Branch_Server` Create a network group for branch office networks	Creates a network group using supported object references or inline network literals.
Create port groups	Create a port group containing `HTTPS` and `SSH` Create a port group for web applications	Creates a port group using existing named port objects.