> ## Documentation Index
> Fetch the complete documentation index at: https://docs.velatir.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Gatekeeper

> Control which AI services your organisation can use, in real time.

## What Is Gatekeeper?

Gatekeeper controls which AI services your organisation can access. It enforces your default policy and any explicit exceptions, allowing or blocking services as people work. It is your access control layer for AI.

## How It Works

Gatekeeper is built from two simple parts: a **default rule** that applies to every service, and a list of **exceptions** for the services you want to treat differently. When someone reaches an AI service, Gatekeeper checks it against your policy and acts at once.

You define the policy. Gatekeeper applies it the same way for every workspace and every person.

## Choose Your Default Rule

<Tabs>
  <Tab title="Allow all services">
    All AI services are allowed unless you explicitly block them. You then add the services you want to **block** as exceptions. This suits organisations that want broad access with a few clear exclusions.
  </Tab>

  <Tab title="Block all services">
    All AI services are blocked unless you explicitly allow them. You then add the services you want to **allow** as exceptions. This suits organisations that want a locked-down, approved-only list.
  </Tab>
</Tabs>

## Add Exceptions

Search the [service catalogue](/insights/service-catalog) and select the services to block or allow. Everything else follows your default rule. You can adjust the list at any time, and changes take effect on the next trace.

## Common Setups

<AccordionGroup>
  <Accordion title="Open with a blocklist" icon="shield">
    Keep AI broadly available, but block a handful of services you do not trust or have not approved. Good for teams early in their AI adoption.
  </Accordion>

  <Accordion title="Locked down with an allowlist" icon="lock">
    Block everything by default and allow only the services that have passed your review. Good for regulated work and strict vendor policies.
  </Accordion>

  <Accordion title="Suggesting an approved alternative" icon="route">
    When someone reaches a blocked service, Gatekeeper can point them to an approved alternative that meets the same need.
  </Accordion>
</AccordionGroup>

## Working Alongside Data Protector

Gatekeeper and [Data Protector](/agents/data-protector) review each trace independently. A trace can pass Gatekeeper's service check and still be caught by Data Protector for sensitive content. Each agent adds its own layer.

***

<CardGroup cols={2}>
  <Card title="Service catalogue" icon="book-open" href="/insights/service-catalog">
    Browse the AI services Velatir can detect.
  </Card>

  <Card title="Configuring agents" icon="sliders-horizontal" href="/agents/configuring-agents">
    Apply your policy across workspaces.
  </Card>
</CardGroup>