Global Private Backbone

Enterprises have long struggled with finding reliable and affordable global connectivity. Global MPLS connections come at a high cost for limited bandwidth, if they’re available at all. The Internet, already unpredictable, is only made worse by the latency of long-distance global connections.

Cato solves the global connectivity problem. The Cato global private backbone is a private network spanning 60+ points of presence (PoPs) worldwide. The backbone is affordable and managed by Cato personnel.

Reliable Global Connectivity at an Affordable Price

Cato dramatically reduces the cost of enterprise-grade global connectivity by leveraging the massive build out in IP capacity. Cato PoPs interconnect across multiple tier-1 providers, backed by SLAs on availability, latency, packet loss, and jitter. Cato’s software monitors the real-time performance of the provider networks and with our application-aware routing algorithms, selects the optimum path across the Cato backbone — even if that path is indirect, via other PoPs. By controlling the routing and only using SLA-backed network capacity, Cato delivers far better performance than the public Internet and at far lower cost than global MPLS.

WAN Optimization for Peak Throughput

Cato improves application throughput not beyond just minimizing global network latency. Built-in WAN optimization dramatically improves TCP efficiency, increasing data throughput for sites and mobile users by as much as 40x. Cato PoPs proxy TCP connections, allowing TCP clients and servers to send far more data, sooner. Advanced TCP congestion control also enable Cato edges to send and receive more data, as well as better utilize the available bandwidth. Both techniques shorten the time needed to remediate errors, reducing the impact of packet loss on data throughput.

Cloud-native Software for Faster Innovation and Lower Costs

Cato PoPs run our cloud-native software, a fully multitenant and scalable network stack that performs all core networking and security functions — the route calculation, policy-enforcement, and security inspection. The software platform operates on off-the-shelf servers capable of breakthrough performance previously only possible with custom hardware.
Eliminating proprietary appliances transforms the technical, operational, and cost characteristics of a legacy telco network. Without proprietary hardware to acquire or deploy, Cato has been able to expand its network footprint rapidly. Today, the Cato network covers every major business center and, as PoPs are primarily software and standard servers, opening new PoPs can happen quickly. Owning our own software leads to faster innovation enabling Cato to respond rapidly to a customer’s features requests, quickly resolve service issues, and reduce operational costs and 3rd party license fees.

Self-healing By Design for 24x7 Operation

To ensure maximum availability, the Cato architecture is fully self-healing. All aspects of failure detection, failover, and fail back are automated, requiring no special planning or pre-orchestration. Each PoP contains multiple compute nodes running identical copies of Cato’s software; any compute node can serve any edge tunnel connected to that PoP. Should a compute node fail, the tunnels automatically move to another node. Should a PoP become unreachable, edges connected to that PoP automatically reconnect to the next closest PoP. And should a tier-1 provider connecting Cato PoPs fail or degrade, PoPs automatically switch to one of the alternate tier-1 providers.

Built-in End-to-end Encryption and Security

Extensive measures are taken to ensure the security of Cato Cloud. All communications — whether between PoPs or with Cato Sockets or Cato Clients — are secured by AES-256 encrypted tunnels. To minimize the attack surface, only authorized sites and mobile users can connect and send traffic to the backbone. The external IP addresses of the PoPs are protected with specific anti-DDoS measures. Cato service is ISO 27001 certified.

Recognized by
Gartner

Cato Networks recognized 11x by Gartner in:

  • Gartner Market Guide for Managed SD-WAN Services
  • Gartner Market Guide for Virtual Private Networks
  • Gartner Market Guide for Zero Trust Network Access
  • Gartner Midmarket Context: 'Magic Quarant for WAN Edge'
  • Gartner Hype Cycle for Enterprise Networking, 2019
  • Gartner Hype Cycle for Cloud Security, 2019
  • Gartner Hype Cycle for Midsize Enterprises, 2019
  • Gartner Hype Cycle for Threat-Facing Technologies, 2019
  • Gartner Hype Cycle for Edge Computing, 2019
  • Gartner Hype Cycle for Network Security, 2020
  • Gartner Hype Cycle for Digital Workplace, 2020

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose