Secure Global SD-WAN as a Service - illustration

The Cato Solution:
Converged, Cloud-Native Architecture

Cato’s Cloud-Native SD-WAN is part of Cato’s broader SASE platform. Converging networking and security into a single centrally managed cloud, Cato offers enterprises a holistic solution to support their business transformation and march confidently to the digital era.

Cato’s architecture avoids proprietary hardware and converges all enterprise functions into a multitenant, cloud-native, software stack. Cato runs all functions; global routing, security, management, etc. in the cloud, creating a thin edge architecture and minimizing edge-compute requirements.

With its global private backbone supported by 50+ PoPs, Cato enables enterprises to maximize their WAN investment and gradually move to a full SASE solution, at the pace and scale fit for them.

“Cato offers one, integrated solution with a global backbone including, security, and mobility. What we see nowadays is that everyone looking at SD-WAN looks at security. The two go together. Cato addresses both dimensions in one seamless solution"
Lars Norling, Director IT Operations, ADB SAFEGATE
Lars Norling,
Director IT Operations, ADB SAFEGATE

Challenge

Traditional SD-WAN fails to support the digital business needs

To support the digital transformation and future business needs, IT must enable secure connectivity across all edges at a global scale. With traditional SD-WAN, however, IT is left with the complexity of handling multiple point products, on top of remaining dependent on rigid and expensive MPLS links for delivering secure and well-performing connectivity.

Traditional SD-WAN fails to address network security requirements

Cato Solution

Converged, cloud-native architecture built for the digital era

Cato converges traditional SD-WAN, global private backbone, full network security stack, and seamless support for cloud and mobile, providing a holistic solution that goes beyond mere MPLS cost reduction. Cato eliminates the need for multiple point products, as well as the cost, complexity and risk associated with maintaining them. 

Secure Global SD-WAN as a Service

Traditional Solutions vs. Cato Solution

Legacy

Cato

Optimized Global Connectivity

No global latency control persists MPLS dependency

SD-WAN uses the public Internet where latency is unpredictable, hence enterprises still need to maintain some MPLS capacity to support latency-sensitive applications. 

Replaces, not just augments, MPLS

Cato’s private global backbone delivers built-in WAN optimization. Customers can move to a combination of high-quality Internet last mile and Cato Cloud to augment and ultimately replace MPLS. Cato Cloud accelerates access to key cloud applications like Amazon AWS, Microsoft Azure and Office 365.

Secure Internet Access

No integrated network security capabilities

SD-WAN directs WAN traffic across encrypted Internet tunnels, providing only basic security for sending traffic over a public network. Yet, accessing websites and cloud applications directly from a remote office (without backhauling to a datacenter), requires a full network security stack including NGFW, URL filtering, anti-malware, IPS and more. This requires partnering with 3rd parties, complicating and fragmenting network and security policy management.

Cloud-based network security everywhere

Cato provides a full enterprise-grade, network security stack built directly into its global backbone. There is no need to backhaul traffic to specific choke points or introduce 3rd party security products and services chained together. All network and security policies are configured within Cato’s cloud-based management application.

Cloud and Mobile Support

No support for cloud infrastructure and mobile users

SD-WAN solutions were designed to reduce spend on MPLS connectivity between physical locations. For legacy WAN architectures, cloud data center integration was an afterthought and mobile support was not a consideration. Yet, cloud and mobility represent an essential part of how business gets done today.

Seamless support for cloud infrastructure and mobile users

With Cato, enterprises can easily connect all resources into the WAN, including physical locations, cloud applications, and fixed and mobile users. With Cato’s cloud-native
SD-WAN delivered as a service, networking and security capabilities are available everywhere and to all resources without the need to introduce point products.

Frequently Asked Questions

  • What is SD-WAN used for?

    SD-WAN is used to reduce networking costs and improve resiliency and agility by connecting branch locations with affordable Internet connectivity and smart software. When combined with a global private backbone and cloud-based security stack, SD-WAN can extend secure and optimize access to cloud resources and mobile users.

  • What is the difference between WAN and SD WAN?

    The WAN connects enterprise network resources, like branches and datacenters, typically over one type of connectivity (MPLS or Internet). SD-WAN is a modern implementation of the WAN, that uses smart software to dynamically route application specific traffic across multiple services such as MPLS, DSL, cable, and 4G/LTE. SD-WAN as a Service can extend these benefits to other resources such as cloud datacenters and cloud applications.

  • Why is SD WAN important?

    SD-WAN is important because it lets enterprises leverage affordable Internet links to boost network capacity, and improve resiliency by dynamically adjusting to changing network conditions. When coupled with a global private backbone, SD-WAN can extend its benefits to cloud resources and mobile users anywhere in the world.

  • Is SD WAN better than MPLS?

    SD-WAN can aggregate multiple transports including DSL, Cable, and 4G/LTE and route traffic to work around network problems. These capabilities can achieve better last-mile availability and performance than MPLS. For global networks, the Internet is too unpredictable to provide optimal user experience for key applications like voice, remote desktops, and ERP. SD-WAN must be combined with an affordable global private backbone, to match the predictable latency and low packet loss of global MPLS at a lower cost.

  • How secure is SD WAN?

    SD-WAN establishes encrypted tunnels between locations to prevent data loss. However, encryption alone does not protect against network-based threats, malware, and phishing. Security capabilities including decryption, firewalling, URL filtering, anti-malware, and IPS must be deployed alongside or within the SD-WAN.

Learn more about SD-WAN