Cato Networks SD WAN & SASE Cybersecurity Solutions

Sector, Company Type, and Location:Pharmaceutical  |  Manufacturing  |  Healthcare  |  Retail  |  Industrial  |  Financial Services  |  Logistics  |  Construction  |  Automotive  |  Transportation  |  Technology  |  Insurance  |  Vendor  |  Europe  |  Asia  |  Australia  |  UK  |  North America
Tags & Search Filters:SD WAN  |  XDR  |  CASB  |  ZTNAand 22 more tags  |  DIY SD WAN services  |  Co-managed SD WAN services  |  Internet leased line  |  SASE Cybersecurity  |  Managed SD WAN services  |  MDR  |  FWaaS  |  SWG  |  Security MSP  |  End point protection  |  File analysis  |  Security and compliance  |  Security service edge  |  Cloud workload protection  |  Identity governance, access management  |  Managed security  |  Integrations  |  Analytics  |  Network firewalls  |  Reporting and statistics (SD WAN)  |  SaaS  |  Compliance reporting

Cato Networks SD WAN solution offers an end to end capability which includes full stack next generation security (SASE) and access to their private global backbone.

Cato Networks SD WAN & SASE Cybersecurity Solutions
Summary

Cato Networks SD WAN and SASE Solution: Comparisons, Review, Benefits, Use Cases, Pros & Cons

Author: Netify Research Team

If you have questions about Cato Networks and how their capability is aligned to your needs, email the Netify research team.
UK: uk@netify.co.uk North America: northamerica@netify.com

(Please use the UK email for ROW - Rest of the World - questions or inquiries)

Resources and Downloadable Content

Request the very latest Cato Networks SD WAN & SASE sales PDF directly from your local account team. Please check your junk folder if not received.

Complete your details to arrange a demo of Cato Networks. You will receive contact requesting available dates and times - please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.

Review

Netify Review

Cato’s global private backbone and cloud-native SD WAN features are a good fit for large companies with worldwide connectivity requirements. Their 60+ PoPs worldwide are designed to combat latency and network inconsistency in multiple locations. Most notably are Cato’s PoPs located in China, an area that is typically difficult to reach. 

Cato mainly operate with small-medium sized businesses and have a strong presence in North American and Asia/Pacific markets. Although in a majority of use cases their out of the box SASE and SD WAN solutions are a good fit, for companies that require complex offerings, Cato lacks the essential granular features.  

Cato have expertise in security solutions (SASE) and a competitive edge across threat intelligence. Their security-as-a-service solution performs to a high degree of accuracy when compared to rival offerings. In a study carried out by Cato, they found in a group of 400+ customers over a three month period, only 7 false alarms were raised. This means that in most cases customers will statistically seldom experience a false alarm. With this level of accuracy, Cato’s security services avoid downtime by keeping applications running unless there is a genuine security threat.

Marketplace Assistance

Are you an IT decision maker building your own SD WAN or SASE Cybersecurity shortlist?

Take our 90 second assessment quiz to find out which top 3 vendors or managed providers are a match for your answers.

About

About Cato Networks

Cato Networks is an SD WAN and SASE security vendor based in Tel Aviv, Israel. Their other deployment regions include North America, the United Kingdom, Canada, Latin America, South Africa, Africa, Europe, the Middle East, Australia and Asia/Pacific Countries, with approximately 400 employees worldwide. Cato caters to both regional and international needs, via a global private backbone for large worldwide firms, whereas regional needs are secured through a single cloud service.

Pros & Cons

What are the pros and cons of Cato Networks SD WAN & SASE Cybersecurity?

List of the pros and cons associated with Cato Networks SD WAN and SASE security.

Pros

  • Private Global Backbone - supported by 60+ points of presence (PoPs) worldwide that are connected to multiple Tier-1 providers. This is monitored in real-time by Cato’s software, selecting the optimum path to reduce latency across the network (See How Does Cato Support Remote Users?)
  • Offer their own SASE security services. (See What is the Cato SASE Security Solution?) - No requirement to source from a third party.
  • Although Cato have a private backbone, they are also capable of dealing with regional requirements by creating site-to-site VPNs. This means traffic will not use their private backbone PoP’s, however customers can still leverage Cato’s cloud technology.
  • Cato’s global private backbone and application optimization features are good for customers who suffer with latency and network inconsistency in global locations. They are able to achieve this with traffic engineering across their global backbone between core PoP sites. 

Cons

  • Some customers report Cato SD WAN as not being as granular as some competitors. Cato’s SD WAN offering may not be suited for large complex networks as their simplified features and portal could struggle to fully address complex requirements.
Comparison

Comparison: Cato Networks vs Aryaka SD WAN and SASE security:

Consider the points below to compare Cato Networks vs Aryaka SD WAN and SASE security.

Cato Networks

  • Private Global Backbone 
  • Focus on SASE security services
  • Offer site-to-site VPNs for regional requirements
  • Offer transport agnostic solutions
  • Allow customer to use their own underlay
  • Traffic engineering between core PoP sites across their backbone helps improve latency and network consistency

Aryaka

  • Layer-2 Global Private Backbone
  • Latecomer to SASE market with recent acquisition of Secucloud
  • Offers defined regional and local connectivity
  • Procure DIA underlay circuits on the clients behalf
  • Network only compatible with Aryaka products
  • Known for SD WAN managed services (inc.underlay), only offer fully managed services although co-management is available through a self serve  management interface

Similar Vendor

Top 3 similar SD WAN Vendors

Click the vendor logo to find out more about each respective SD WAN solution.

SD WAN

What is the Cato Networks SD WAN Solution?

Cato’s SD WAN offering combines the benefits of WAN Edge, a global backbone and their full network security stack (See, What is the Cato SASE Security Solution?). Their SD WAN offering is available as a managed service, with full cloud functionality, connecting all enterprise resources, physical locations, cloud datacenters and mobile workforces into one seamless network - meaning there is no need for a multiple point solution. 

Part of Cato’s SD WAN offering is their Socket SD WAN Device. The device is designed to connect a physical location to the nearest Cato point of presence (PoP) using any number of last mile connections. Clients are able to choose a mix of fiber, cable, xDSL and 4G/LTE connections. 

Cato’s SD WAN offering is cloud native - it combines networking and security into one managed cloud. This means that no proprietary hardware is required to run in the cloud, such as global routing, security and management. They also offer a hybrid solution for enterprises looking to either augment or replace their MPLS, removing the need for branch security appliances and supporting cloud applications and mobile users. 

Configuration-Based Key Features

  • Optimized Global Connectivity: Cato’s global backbone has built-in WAN and cloud optimization, allowing them to deliver an SLA-backed high performance network connection worldwide, even for remote users. This can also benefit customers who suffer with high latency and network inconsistency across their locations.
  • Mobile Access Optimization: Ideal for remote users such as staff working from home. Cato allow customers to use client or client-less browsers to access the closest Cato point of presence (PoP). This allows traffic to be optimally routed over Cato’s global private backbone direct to either on-premises or cloud applications.

Security-Based Key Features

Performance-Based Key Features

  • Cloud Acceleration: designed to accelerate access to cloud applications such as AWS, Azure and Office 365. This helps to augment and potentially replace MPLS with its high quality Internet and Cato Cloud services.
  • Dynamic Path Selection: This allows available uplinks to be used to load balance and route traffic in real time, through the introduction of redundant packets or error recovery into the traffic flow. This works to avoid network blackouts and brownouts.
  • Link Aggregation: Cato employs link aggregation to increase throughput over multiple network connections rather than a single line. In the event of a failure in one link there is headroom available to ensure an alternate connection.
  • Quality of Service (QoS): Cato offer quality of service user and application aware prioritization - this controls traffic and improves the performance of critical applications.
SASE

What is the Cato Networks SASE Security Solution?

Cato’s SASE security solution is cloud-native and built direct into their global backbone. Available both regionally and globally, it is accessible even by remote users. This is because user and resource is identity-driven, meaning that each network connection is associated with an identity, reducing operational overhead as users can have a set of networking and security policies regardless of their location. The SASE offering is also cloud-native, leveraging key cloud capabilities such as elasticity, adaptability, self-healing and self-maintenance - lowering costs and improving efficiency. Further, Cato’s security offering is able to support all Edges - meaning that the SASE creates one network for all company resources such as datacenters, branch offices, cloud resources and mobile users. 

Cato offer their full network security pack which is built direct into their global backbone, called ‘Security-as-a-Service’. This avoids the need for backhauling traffic to specific choke points and third party security products, that will require chaining together. All SASE policies are cloud native. Cato’s security-as-a-service, also directly integrated into the Cato Cloud network. This multi-layered system provides uniform security solutions and policies with global reach, provisioning integrated flexibility of the cloud. Cato uses Next Generation Firewall and a Secure Web Gateway to provide granular access management to internet-bound traffic and web access control. 

Cato’s cloud native SASE solution is distributed over the global private backbone to ensure that security and network requirements are addressed by a single, interconnected facility. 

Security as a Service comes with a number of key features: 

  • Firewall as a Service (FWaaS): Application aware ‘firewall-as-a-service’ (FWaaS). Cato is able to deliver firewall and network security capabilities with cloud service. This means that clients have access to network security (URL Filtering, IPS, AM, NG-AM, Analytics, MDR) in any location, and removes the need for appliance form factor firewalls.
  • Secure Web Gateway (SWG): Included in the security pack is Secure Web Gateway (SWG). This focuses on layer 7 web traffic inspection, inbound and outbound, protecting against phishing, malware and many other internet-borne threats. Because it is cloud-based, security is available to remote users outside the office.
  • Managed Threat Detection and Response Services (MDR): Designed to detect and eliminate malware threats, it offloads compromised endpoints to Cato’s security operation center team. It offers: automated threat hunting, which looks for anomalies across flows in Cato’s data warehouse, correlating them with threat intelligence sources and complex heuristics; expert threat verification, Cato’s security researchers evaluate the validity and risk level in flagged endpoints, removing the risk of false threats; threat containment, verified threats are automatically contained by blocking IP addresses and C&C domains, which disconnects compromised machines and users from the network; and guided remediation, Cato’s security operation center offers advice on the risk’s level threat, and give recommendations on how to fix the problem, following up until the threat is completely removed.
Funding

Funding Rounds

2015$20M
2016$50M
2019$55M
04/2020$77M
11/2020$130M
2021$200M
Cloud Vendors

How does Cato Networks access cloud vendors?

Cato use their global backbone to integrate with major Cloud vendors (such as Amazon AWS, Microsoft Azure and Google Cloud) via IPsec tunnels. Traffic is optimally routed from the Edge direct to cloud providers - this eliminates the need for premium cloud connectivity solutions (such as AWS DirectConnect or Microsoft Azure ExpressRoute) making Cato’s offering simpler and more cost-effective.

Cloud Access

Cloud Access

Amazon Web Services33.3
Microsoft Azure33.3
Google Cloud33.3
WAN Acceleration and Optimization

Does Cato Networks offer WAN acceleration and optimization?

Cato’s WAN offering is optimized via a native cloud software, Cato Cloud. Cato uses packet duplication, correction and last-mile methods to improve the reliability of the network. Cato Cloud, integrated with the global private backbone has a 99.999% uptime SLA and the global PoP network is supported by various Tier-1 ISPs. The network is optimized to improve traffic flow by reducing latency issues. Cato’s offering reduces costs as its functionality does not require the use of Azure ExpressRoute or AWS Direct Connect. Optimization for mobile negates the need for backhauling as remote users can access the network through the nearest Cato PoP.

Remote Users

How does Cato Networks support remote users?

Cato is able to provide substantial support to individual remote users by connecting on-site or cloud data centers to the Cato SASE cloud. The global private backbone can be accessed either through the Cato client or client-less browser by remote users whose traffic can be routed to cloud applications on premises through the nearest PoP. Remote access is available to multiple users globally and is guarded by Cato’s security-as-a-service stack to ensure data traffic is protected.

Managed, co-managed & DIY services

What is the Cato Networks managed, co-managed and DIY services solution?

Cato’s managed services offering includes: Hands-free management, Intelligent last-mile management, managed SASE service, managed threat detection and response (MDR).  The advantage of Cato’s SASE platform offering is that due to its strong in house support and partnerships, it is very cost efficient with a notable lack of third party royalties. Cato’s offering is reliable and affordable for a global connectivity solution. Cato’s SD WAN offering can be DIY, co-managed or fully managed with support from Cato and partners.

Services

Services

Managed40
Co-managed30
DIY30
Portal

What Reporting and Management is available via the Cato Networks Portal?

The Cato portal provides users with traffic summaries and application usage data. The system is single glass plane and shows network activity from different resources and top applications in the previous 24 hour period. The Cato portal allows users to view overall network activity and the ability to configure, manage & troubleshoot networks from a single system.

Points of presence

Number of PoPs

Cato Networks60
Aryaka30
VeloCloud by VMware150
Service Level Agreement

What is the Cato Networks SLA?

Below is a table displaying the main focus points of the Cato Networks Service Level Agreement (SLA).

Priority (Lvl.1-3)DescriptionResponseStatus Update
Critical Full Cato Network Service outage, multiple PoP services down.Up to 2 hoursEvery 2 hours
HighSingle PoP service down however customer can access alternate PoP. Cato management application service interruption.Up to 4 hoursEvery 1 business day
LowOther concerns that do not hinder customer access to significant service features.Up to 1 business day4 business days

 

Frequently Asked Questions
What is the Cato Networks SD WAN architecture?
Ask a question

Send your local contact from Cato Networks a message, this form will reach Cato Networks directly.

Contact Cato Networks
Complete the form to get in touch with a representative from Cato Networks.
Report

Download the the complete guide to 10 SD WAN solutions.

The most comprehensive top 10 guide we have ever created.

Similar Companies

There are no results matching your selection.

Deployments

Deployment Region

North America39%
Asia/Pacific29%
Europe, Middle East and Africa21%
Latin America11%
Proposition Focus

Proposition Focus

Features4
SASE/Security5
Cloud3
SD WAN4
Industries

Industry Coverage

Finance13%
Healthcare7%
Manufacturing40%
Other40%
Focus

Other Focus

Remote users8
Simplicity8
Complex requirements4
List your business

List your business with Netify Learn More →

Geographic

Geographic Focus

EMEA30
APAC35
Americas35

Please complete the form to ask a question or send a message directly to Cato Networks. Netify have carefully curated global sales contacts based on your IP location. If you do not receive contact, please check your junk folder.

Book a demo of the Cato Networks SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

A Netify Vendor Briefing is a 30 minute Zoom research session for IT decision makers, and an opportunity to learn about the vendors products, services and business strategies specifically or a related technology or market. We'll also discuss their competitors and which other solutions your business should consider. If you do not receive contact, please check your junk folder.

Netify is the first dedicated global SD WAN & SASE comparison marketplace.

List Your Business

Netify Forbes member logo

For Global IT Decision Makers

The Global SD WAN & Cybersecurity Playbook

Download our vendor and managed service provider guide to the top 10 SD WAN & top 10 SASE cybersecurity solutions for Global companies.