Cato optimally and securely connects all enterprise locations, users, applications, and clouds, into a global and secure, cloud-native service. Cato can be gradually deployed to replace security point solutions and legacy network services.
Cato’s cloud-native security stack, SSE 360, is built using the Cato Single Pass Cloud Engine (SPACE) architecture and converges the following capabilities: Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), Remote Browser Isolation (RBI), Zero Trust Network Access (ZTNA/SDP), and Firewall as a Service (FWaaS) with Advanced Threat Prevention (IPS, Next Generation Anti-malware). SSE 360 scales to decrypt and inspect all enterprise traffic, without the need for sizing, patching, or upgrading of appliances and other point solutions. Security policies and events are centrally and uniformly managed using the self-service Cato Management Application.
Cato can further secure your network with a comprehensive Managed Threat Detection and Response (MDR) service to detect compromised endpoints.
Cato SASE Cloud provides users with zero trust network access (SDP/ZTNA) to on-premises and cloud applications using laptops, tablets, and smartphones. With a Cato Client or Clientless browser access, users securely connect to the nearest Cato PoP using strong Multi-Factor Authentication. Traffic flows only to applications authorized for the users based on identity, access policy, and user context. Throughout the session, traffic is fully inspected by Cato’s security stack to prevent malware propagation from compromised endpoints.
The Cato Socket SD-WAN device connects a physical location to the nearest Cato PoP via one or more last mile connections. Customers can choose any mix of fiber, cable, xDSL, and 4G/LTE connections.
The Socket applies multiple traffic management capabilities such as active-active link usage, application- and user-aware QoS prioritization, dynamic path selection to work around link blackouts and brownouts, and packet duplication to overcome packet loss.
The Socket can also route site-to-site traffic over MPLS and the Internet to address regional and application-specific requirements.
Cato SASE Cloud runs on a private global backbone of 75+ PoPs connected via multiple SLA-backed network providers. The PoPs software continuously monitors the providers for latency, packet loss, and jitter to determine, in real-time, the best route for every packet.
Cato’s backbone design delivers end-to-end route optimization for WAN and cloud traffic, and a self-healing architecture for maximum service uptime. Our customers experience connectivity that is superior to the unpredictable public Internet and more affordable than global MPLS and other legacy backbones.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose
Cato integrates with major cloud providers, such as Amazon AWS, Microsoft Azure, and Google Cloud with secure IPSec tunnels or a Cato vSocket virtual appliance. Deployment is fast and simple and connecting a cloud datacenter to Cato takes minutes. All traffic to and from the cloud DC is subject to full security inspection by Cato’s built-in security stack, SSE 360 and is optimally routed from the edge to the cloud providers. With Cato, customers can eliminate the need for premium cloud connectivity solutions such as AWS DirectConnect and Microsoft Azure ExpressRoute
Cato optimally routes traffic to public cloud applications, such as Office 365, Salesforce, Box, UCaaS, and Cloud ERP, from the enterprise edge to the doorstep of the cloud application’s datacenter. Cato accelerates end-to-end throughput up to 20x, boosting application performance for bandwidth-intensive operations like file upload and download.
All traffic and files exchanged with the cloud application are fully inspected by Cato’s security stack, SSE 360, to protect users from threat, attacks, and data loss.
Cato provides a cloud-based and self-service management application to control the entire service. It includes full network and security policy configuration, and detailed analytics on network traffic and security events. To experience the ease of use and deep visibility of Cato Management Application, please request a demo.
Self-service management is a unique advantage of Cato over legacy managed network services providers that require customers to submit tickets for any change to the network. If needed, Cato and its partners offer managed service options. In all cases, Cato maintains the underlying platform so customers do not need to upgrade, patch, or otherwise maintain the Cato SASE Cloud.