Appliance Elimination Makes Security Simple
Like many small companies, Love, Bonito relied on the Internet to connect its offices. And like many IT managers of small companies, Wayne Khan, Love, Bonito’s head of IT, found firewall appliances increasingly out of step with his organization. He needed a way to restrict access to recreational sites and protect home users.
“The network perimeter is deprecated today,” he says, “We needed to a tool that respected this change.”
Khan considered purchasing Unified Threat Management (UTM) appliances and equipping users with virtual private network (VPN) access, but installing more security appliances didn’t align with his IT objectives.
“I wanted to simplify our local infrastructure not make it more complicated,” he says. “With UTM, I would have been left updating, patching and maintaining the appliance.”
He liked the simplicity of the Cato Cloud service and flexibility it gave him to activate what he wanted, when he wanted it and wherever he needed it. He could choose whether or not to activate Cato’s security and networking services one location at a time, across all locations at once, or even client-by-client.
Khan decided to deploy the Cato Cloud, starting with his main site and his mobile users. He activated Cato’s next generation firewall (NGFW), as well as URL filtering for all sites and users.
Every implementation has its own nuances and Love, Bonito is no exception. Khan needed to support a phased deployment, connecting the headquarters first to the Cato Cloud. He also knew he would still need to securely connect to the third-party’s site running the company’s ERP server.
Khan kept Love, Bonito’s existing firewall, splitting the outbound traffic with his router. ERP traffic is sent to his firewall; all other traffic is sent to the Cato Socket, a small appliance connecting into the Cato Cloud network via an IPsec tunnel. Mobile and home users ran the Cato Client software to connect into the Cato Cloud.
With Cato in place, gone are the days when he had to be worried about what users were doing on the Internet. “Cato’s URL filtering has made it much easier for us to express Love, Bonito’s organizational posture on particular categories of content,” Khan says, “We can block unacceptable sites, but prompt when our staff needs (or rather, demands) for their “fix” of Korean drama.”
And now he can also offer secure access to corporate systems from anywhere. “The VPN functionality lets staff access our leave management system and other resources even from outside of the office, securely.”
The Way Forward
Khan isn’t finished yet. He plans to connect his AWS instance to the Cato Cloud this year and as for his firewall, “My goal is to simplify our local infrastructure by moving our ERP system into the cloud and eliminating the firewalled connection to the third-party location,” he says.
His experience with Cato support has been “excellent” he says. Strategically, Cato put him in a position to move forward with his simplification initiative.
More customer stories
Kemin Industries Replaces 60-Site Worldwide MPLS Network with the global managed SD-WAN services
Leading EduTech Provider Replaces Global VPN and Optimizes Mobile Connectivity with Cato SD-WAN
New Wave Group Quintuples Capacity, Boosts Flexibility with the Cato Cloud
Aquila Connects 60+ Locations Across Australia with Cato’s Global Managed SD-WAN
BioIVT Connects and Secures Global Network with Cato Cloud and the Cato Managed Threat Detection and Response (MDR) Service