Advanced Threat Protection is the collection of network security and related defenses deployed to address current and emerging threats. Often, it is not the advanced nature of the threat that is the real risk. IT organizations face the daunting task of maintaining complex infrastructure as the basis for providing Advanced Threat Protection to their users. Following simple best practices such as network segmentation, keeping software up to date, monitoring and detecting unauthorized cloud usage (“Shadow IT”), and deploying multi-factor authentication, to name a few, represents a real hurdle for IT leaders facing significant skill shortages.
Advanced Threat Protection that delivers a powerful set of defenses, in the form of a self-maintaining cloud service, is essential to effective security. Customers should expect up-to-date, scalable and optimized infrastructure as the starting point for evaluating Advanced Threat Protection capabilities.
The Cato Solution: A cloud-based network with built-in Advanced Threat Protection
Cato provides a range of advanced security services built into a global cloud network. The Cato Cloud aggregates all enterprise traffic across data centers, branches, mobile users and cloud infrastructure into the cloud. It then applies multiple security engines to enforce a comprehensive security policy on both WAN- and Internet-bound traffic, and on all users, both fixed-location and mobile.
Cato Research Labs analyzes cloud network traffic patterns to look for anomalies and possible attacks on our infrastructure and on customers' networks, and adapts our defenses as needed.
Cato’s Advanced Threat Protection provides the following benefits:
- Built-in network segmentation: The cloud network is segmented by default, preventing access between network resources (locations, users) unless specifically permitted.
- Advanced malware protection: Cato inspects all website access for malicious domains (phishing and malware delivery sites). It also inspects all WAN and Internet traffic for malicious files.
- Intrusion prevention system: Cato performs deep packet inspection on all traffic for indicators of compromise or malicious patterns. Protocol validation, known CVEs, flagged domains and IPs, and advanced behavioral analysis are all handled seamlessly in the Cato Cloud.
- Network anomaly detection: Cato enforces application-aware policies on both WAN and Internet traffic across all network resources. Deep packet inspection is used to look for attack patterns within internal and external network activity.
- Rapid threat adaptation: Cato leverages its unprecedented visibility into cloud network traffic to detect network anomalies and emerging threats. This enables quick adaptation of our Advanced Threat Protection to protect all customers.
- Cross-domain event correlation: Cato looks at network activity across multiple domains to identify complex attack patterns in real time.
- Unrestricted scalability and self-maintaining service: Cato can inspect any traffic mix (encrypted and unencrypted) and ensures capacity is available to provide subscribed services. Without the need to size, upgrade, patch or refresh appliances, customers are relieved of the ongoing grunt work of keeping their network security up to date against emerging threats and evolving business needs.