Firewall as a Service (FWaaS) is a new and revolutionary way of delivering firewall and other network security capabilities as a cloud service. Enterprises have always deployed next generation firewalls as appliances. While form factor varies between physical and virtual appliances, deployed on-premises or in the cloud, customers needed to support the full appliance life cycle. Distributed locations needed dedicated appliances that had to be sized and upgraded to accommodate business growth. Appliance software had to be patched and upgraded. Policy management had been done on an appliance basis. We refer as the “appliance straight jacket” and it had impacted both enterprises and service providers.
Firewall as a Service (FWaaS) is a new type of a next generation firewall. It does not merely hide physical firewall appliances behind a “cloud duct tape”, but truly eliminates the appliance form factor, making firewall services available everywhere. In essence, the entire organization is connected to a single, logical global firewall with a unified application-aware security policy. Gartner has highlighted FWaaS as an emerging infrastructure protection technology with a high impact benefit rating.
When you integrate with third-party tools, you find vendors often get into a finger pointing contest when something goes wrong. I wanted to avoid all of that.
Cato is providing Firewall as a Service (FWaaS) built into a global cloud network. The Cato Cloud aggregates all enterprise traffic from data centers, branches, mobile users, and cloud infrastructure into the cloud. It then enforces comprehensive security policy on both WAN- and Internet-bound traffic, and all users, both fixed location and mobile.
Cato’s Firewall as a Service represent the next evolution in firewall technology that leverages advances in software and cloud technologies, to deliver a wide range of network security capabilities on-demand wherever businesses need it.
with all WAN and Internet traffic going through the Cato Cloud there are no blind spots and no need to deploy multiple appliances.
Cato can inspect any traffic mix (encrypted and unencrypted). Cato ensures capacity is available to provide the service the customer subscribed to.
Cato enforces one granular policy and rule base that can extend from one user to the entire business. The rule base is common to all security functions and all traffic types. There is no need to associate policy with distinct appliances or point products.
Without the need to size, upgrade, patch or refresh firewalls, customers are relieved of the on going grunt work of keeping their network security up to date against emerging threats and evolving business needs.