F5 BIG-IP SSL Orchestrator Training Lab > All SSL Orchestrator Lab Guides > SSLO 202: More Use Cases with F5 BIG-IP SSL Orchestrator (AppWorld 2025 | 2 hours) > 3. Lab 2: Outbound Transparent Forward Proxy with User Coaching Source | Edit on
3.1. User Coaching Scenario¶
3.1.1. Challenge¶
Your CISO is concerned about the increasing use of public generative AI applications by employees because of the risk of exposing confidential or proprietary company data. You are challenged with finding a solution to reduce this risk by presenting a warning message containing your corporate AI Usage Policy, recommended actions, and then requiring user acceptance before being allowed access to the web site.
3.1.2. Solution¶
The functionality of SSL Orchestrator can be extended using a mechanism called Service Extensions. This capability allows user-defined code to implement application logic and manipulate decrypted traffic flows.
The service extension for user coaching can help meet this challenge. When a user attempts to connect to a web site that matches the AI URL category. The AI Usage Policy would be presented and the user would be required to click on an acknowledgement button before being allowed to continue. Custom logging could also be enabled to track risky site usage for future allow/deny-listing, or even record a usage reason (as provided by the user).
