Also known as Zero Trust Network Access, or ZTNA, a cloud-native software defined perimeter delivers secure remote access as an integral part of a company’s global network and security infrastructure. A global, cloud-scale platform supports any number of remote users within their geographical regions. Performance improves with end-to-end optimized access to any application using a global private backbone. Risk is minimized before and after users access the network through strong authentication and continuous traffic inspection for threat prevention. Cloud-native SDP makes mobile access easy — easy to deploy, easy to use, and easy to secure.

Cato delivers a fully managed and adaptive cloud-based IPS service. Cato Research Labs updates, tunes and maintains context-aware heuristics, both those developed in house (based on big-data collection and analysis of customers’ traffic) and those originating from external security feeds. This dramatically reduces the risk of false positives compared to other IPSs that lack an experienced SOC behind them. Cato Cloud scales to support the compute requirements of IPS rules, so customers don’t have to balance protection and performance to avoid unplanned upgrades as processing load exceeds available capacity.

Cato’s Malware Detection and Prevention leverages multi-layered and tightly-integrated anti-malware engines. First, a signature and heuristics-based inspection engine, which is kept up-to-date at all times based on global threat intelligence databases, scans files in transit to ensure effective protection against known malware. Second, Cato has partnered with SentinalOne to leverage machine learning and artificial intelligence to identify and block unknown malware. Unknown malware can come as either zero-day attacks or, more frequently, as polymorphic variants of known threats that are designed to evade signature-based inspection engines. With both signature and machine learning-based protections, customer data remains private and confidential, as Cato does not share anything with cloud-based repositories.

CATO SASE Solution สร้างบน Cloud-Native และ มี PoPs 60 กว่างแห่งทั่วโลก และเชื่อมต่อกันด้วย Tier-1 Carriers ทำให้ Global Network เชื่อมต่อและปลอดภัยแบบคครอบคลุม ไม่ว่าอยู่ที่ไหน Mobile Users ก็เช่นกัน

The Cato NGFW inspects both WAN and Internet traffic. It can enforce granular rules based on network entities, time restrictions, and type of traffic. The Deep Packet Inspection (DPI) engine classifies the relevant context, such as application or services, as early as the first packet and without having to decrypt the payload. Cato provides a full list of signatures and parsers to identify common applications. In addition, custom application definitions identify account-specific applications by port, IP address or domain.

The SWG provides granular control over Internet-bound traffic, enabling enforcement of corporate policies and preventing downloads of unwanted or malicious software. There are predefined policies for dozens of different URL categories and support custom rules, enhancing the granularity of web access control. The SWG is easily managed through Cato’s management portal and covered by a full audit trail.