Cato Endpoint Protection (EPP)

Cato Endpoint Protection (EPP) is the industry’s first SASE-managed EPP solution protecting endpoints against advanced malware, evasive attacks and zero-day threats. Cato EPP adds endpoint protection and detection to Cato’s multi-layer SASE architecture while reducing management overhead, increasing security teams efficiency, and improving the enterprise security posture.

Endpoint Protection Configuration Endpoint Protection Client Protected Endpoints View Cato Client Rollout Management Cato Datalake Events

Cato EPP Capabilities

Stop Malware Before File Execution and in Runtime

Cato EPP scans over 300 file types for threats, including archives and packed files. It uses advanced rule-based analysis and machine learning algorithms, to identify known, polymorphic, and zero-day malware based on file characteristics analysis. Cato EPP uses heuristics and process behavioral analysis to detect suspicious and malicious activity in real-time. This capability enables the detection and prevention of fileless malware operating directly in the system memory, evasive exploits and zero-day attacks, and ”living-off-the-land” attacks that leverage legitimate tools for malicious purposes. To further minimize attack surface, Cato can block the use of USB drives with device control.

Endpoint Protection Configuration

Flexible Containment Options for Compromised Endpoints

Responding to threats in real time is critical to minimizing the potential damage of a malware outbreak. However, delicate balance is often needed between automated response and user productivity. Cato provides administrators with the flexibility to adjust the containment policies to meet their organization security requirements including threat blocking, file quarantine, or process termination.

Endpoint Protection Client

Endpoint Protection Convergence into SASE Streamlines Security Management

Cato EPP is fully managed through the Cato Management Application (CMA), seamlessly integrated with all other Cato SASE Cloud Platform capabilities. Administrators gain the advantage of overseeing the protected endpoints from a unified console, where user data, network information, and security policies are consolidated. Cato EPP saves administrators the need to integrate, maintain, and manage a standalone endpoint protection solution. Manual SIEM integration is also eliminated as all EPP events and alerts are now a native part of the Cato SASE Cloud platform.

Protected Endpoints View

Instant Protection with Rapid Deployment and No User Impact

Cato EPP is provisioned via the Cato Management Application (CMA) or through the Customer’s selected Mobile Device Management tool (MDM). Administrators can onboard and start protecting thousands of endpoints in a matter of minutes. Once installed, the Cato EPP agent runs in the background and is completely transparent to the end-user. No login is required, and users get instantly protected and alerted when a security event occurs on the endpoint. Ad-hoc malware scanning activities can be initiated by the user or by the administrator directly from the Cato Management Application.

Cato Client Rollout Management

One Data Lake for Network and Endpoint Makes Detection and Response Faster, XDR-ready

Cato EPP events are stored in the same data lake with all other events generated by the various Cato SASE Cloud Platform engines. Cato XDR leverages high-quality endpoint data, alongside network-based sensors, for optimal AI/ML threat detection and investigation. Administrators can easily filter events by user or device seeing a unified list of all endpoint and network security events in one screen, enabling efficient incident investigation and response.

Cato Datalake Events

Endpoint Protection Platform Video Demo

Cato Endpoint Protection (EPP) is a SASE-managed EPP solution, that protects endpoints against advanced malware, evasive attacks and zero-day threats. It is seamlessly integrated and fully managed through the Cato Management Application (CMA).

Ventajas estratégicas de una verdadera plataforma SASE

Diseñado desde cero como una verdadera plataforma SASE nativa en la nube, todas las funciones de seguridad de Cato (tanto actuales como futuras) sacan el máximo partido de la distribución global, de la enorme capacidad de redimensión, de una resiliencia avanzada, de la gestión autónoma de ciclos vitales y del modelo de gestión constante de la plataforma de Cato.

 

Cumplimento uniforme de políticas

Cato extiende todas las funciones de seguridad al plano global para ofrecer un cumplimiento coherente de políticas en todas partes y para todo el mundo, desde en los centros de datos más grandes hasta en los dispositivos de un solo usuario.

 

Protección resistente y redimensionable

Cato puede agrandarse para inspeccionar flujos de tráfico de varios gigas (contando con descifrado TLS completo y abarcando a todas las funciones de seguridad) y puede recuperarse automáticamente de fallos de componentes de servicios para garantizar que la protección de seguridad sea continua.

 

Gestión autónoma de los ciclos de vida

Cato asegura que la plataforma en la nube SASE mantiene una postura de seguridad óptima, una disponibilidad del servicio del 99,999 % y un procesamiento de seguridad de baja latencia para todos los usuarios y ubicaciones sin que el cliente deba intervenir.

 

Panel único

Cato ofrece un panel de control único para gestionar de forma unificada todas las funciones de seguridad y redes, incluyendo la configuración, el análisis, la resolución de problemas y la detección de incidentes y la respuesta ante los mismos. Este modelo de gestión unificada facilita la adopción de nuevas facilidades por parte de TI y de las empresas.

 

«Ejecutamos un simulador de filtraciones y ataques. Los índices de infección y los movimientos laterales cayeron en picado a la vez que los índices de detección subieron. Esos fueron factores clave por los que confiamos en la seguridad de Cato».

Prueba Cato

La solución que los equipos de TI han estado esperando.

¡Prepárate para que te sorprendan!