What is the Cato Networks SASE Security Solution?
Cato's SASE security solution is cloud-native and built directly into its global backbone. Available both regionally and globally, it is accessible even by remote users. Users and resources are identity-driven, meaning each network connection is associated with an identity. Users can leverage a set of networking and security policies regardless of location, reducing operational overheads. Being cloud-native, the SASE offering leverages key cloud capabilities such as elasticity, adaptability, self-healing and self-maintenance, lowering costs and improving efficiency. Further, Cato's security offering can support all Edges, meaning that the SASE creates one network for all company resources such as data centres, branch offices, cloud resources and mobile users.
Cato offers its full network security pack, called 'Security-as-a-Service', built directly into its global backbone. This solution avoids the need to backhaul traffic to specific choke points and the need for third-party security products that require chaining together. All SASE policies are cloud-native. Cato's security-as-a-service is also directly integrated into the Cato Cloud network. This multi-layered system provides uniform security solutions and policies with global reach, together with the integrated flexibility of the cloud. Cato uses a Next Generation Firewall and a Secure Web Gateway to provide granular access management for internet-bound traffic and web access control.
Cato's cloud-native SASE solution is distributed over the global private backbone to ensure that a single, interconnected facility addresses security and network requirements.
Security as a Service (SSE 360) comes with several key features:
- Firewall as a Service (FWaaS): An application-aware firewall. Cato can deliver firewall and network security capabilities as a cloud service. Clients can access network security (URL Filtering, IPS, AM, NG-AM, Analytics, MDR) in any location, removing the need for appliance form factor firewalls.
- Secure Web Gateway (SWG): Included in the security pack is Secure Web Gateway (SWG). The SWG focuses on layer seven web traffic inspection, inbound and outbound, protecting against phishing, malware and many other internet-borne threats. Because it is cloud-based, security is available to remote users outside the office.
- Managed Threat Detection and Response Services (MDR): Designed to detect and eliminate malware threats, it hands off the work of dealing with compromised endpoints to Cato's security operation centre team. It offers:
  - Automated threat hunting: looks for anomalies across flows in Cato's data warehouse, correlating them with threat intelligence sources and complex heuristics.
  - Expert threat verification: Cato's security researchers evaluate the validity and risk level of flagged endpoints, removing the risk of false threats.
  - Threat containment: verified threats are automatically contained by blocking IP addresses and C&C domains, which disconnects compromised machines and users from the network.
  - Guided remediation: Cato's security operation centre offers advice on the threat's risk level and gives recommendations on how to fix the problem, following up until the danger is completely removed.
- Cloud and Data Security: Enables control and visibility into cloud-hosted applications by leveraging Cato's Cloud Access Security Broker (CASB) and Data Loss Prevention (DLP).
  - Cloud Access Security Broker (CASB): Provides insights into cloud application usage across sanctioned and Shadow IT applications, assessment of SaaS application potential risk, and definition of access rules.
  - Data Loss Prevention (DLP): Used to achieve regulatory compliance and protect sensitive data, preventing data from being extracted or uploaded to the cloud or physical data centres.
- Advanced Threat Prevention: Features the Cato Intrusion Prevention System and Next-Generation Anti-Malware capabilities.
  - Next-Generation Anti-Malware: Multi-layered and tightly-integrated anti-malware engines, including Cato's own and NGAM, delivered through a partnership with SentinelOne.
  - Managed Intrusion Prevention System (IPS): Cloud-based, fully managed IPS service.