Cato Networks, a provider SASE, today introduces Cato CASB, a cloud access security broker (CASB) to deliver actionable value in under 60 minutes.
Along with the Cloud Application Catalog launched last month, Cato provides a quick to deliver and easy to run solution for managing cloud application data risk.
“CASB addresses a critical visibility and control gap created by cloud migration but must be converged into a broad SASE platform to be truly effective across the business,” said Shlomo Kramer, co-founder and CEO of Cato Networks, “We’ve done just that with Cato CASB. By building Cato CASB into the Cato SPACE engine, it can leverage the global footprint, rich context, cloud scalability and self-healing and self-maintenance underpinning the Cato SASE Cloud. Cato CASB is just the latest example of high impact, high value capabilities that are effortless to deploy and use.”
Cato brings the benefits of a true SASE platform to the challenge of managing cloud application risk. Legacy, stand-alone CASB solutions require extensive planning and deployment times that can take several months. By contrast, Cato CASB is instantly available offering full visibility and control of cloud application access.
As part of Cato SASE Cloud, Cato CASB is available worldwide from more than 70 locations for every site or user accessing any cloud application. This broad footprint enables optimized enforcement of corporate policies on all cloud access without introducing high latency, even when accessing cloud applications across geographical regions.
Legacy CASB solutions coverage varies by location or available capabilities. And Cato CASB taps the full power of Cato’s multi-layer threat defense. Cloud-based file access is inspected by Cato advanced anti-malware and IPS engines. Access control to locations and resources are limited through Cato NGFW and SWG.
With legacy CASB, all those components would be additional, requiring integration and deployment. With today’s announcement, Cato addresses all four stages for managing cloud application data risk — visibility, assessment, enforcement, and protection:
Visibility – The New Shadow IT Dashboard Cato is introducing a Shadow IT dashboard that provides a bird’s eye view of aggregate SaaS usage including number of total and high-risk applications, list of the highest risk applications, number of users accessing them, as well as distribution by risk. With the Shadow IT Dashboard, enterprises have a snapshot of their authorized and non-authorized application activity.
Assessment – The Cato Application Credibility Engine (ACE) having identified unauthorized applications, IT leaders must assess their risk before deciding if they should be blocked, controlled, or allowed. Cato has built a unique Application Credibility Engine (ACE) which automates data collection from several sources to enable a quick and accurate assessment of each application. Three vectors are aggregated together for a comprehensive analysis – general company information, compliance features, and security capabilities. Machine learning algorithms operating against Cato’s massive data lake of flow metadata analyzing the actual features applications exhibit on the network. Cato regulatory compliance verification includes HIPAA, PCI, and SOC 1-3. Security feature verification includes MFA, encryption of data at rest, and SSO. The Cloud Application Catalog uses Cato’s ACE to provide company information, compliance features and security capabilities for every application.
Enforcement – Cato CASB Rules Define Access Policies having discovered unauthorized applications on their networks and been able to assess their risk, IT leaders must decide how they want to respond. With Cato CASB, they gain fine-grained access over the application. The rules allow them to define the matching criteria, the specified action to be taken in case the rule applies, the associated severity level, and whether an alert or event should be generated. Cato CASB Policy Rules allow fine-grained control of applications across the enterprise.
Protection – Cato Detects and Blocks Threats and Breaches The last stage is ensuring the protection of SaaS usage. Cato’s SASE achieves this through the convergence of its security tools. All SaaS traffic is processed by multiple security tools — NGFW, SWG, IPS, and NGAM. Together, these tools provide comprehensive protection from an array of threats. Cato optimizes and secures application access for all users and locations. Using Cato, customers migrate from MPLS to SD-WAN, optimize connectivity to on-premises and cloud applications, enable secure branch Internet access everywhere, and seamlessly integrate cloud data centers and remote users into the network with zero-trust architecture.
With Cato, the network, and your business, are ready for whatever’s next. For more information, go to CatoNetworks.com