Product Update - Aug. 7th, 2023

New Features & Enhancements

  • New Policy to Manage DNS Settings for SDP Users: Over the next few weeks we are gradually rolling out the DNS Settings Policy. This policy lets you easily manage custom DNS settings for SDP users and User Groups, for example if they need to use a local private DNS server. 

  • Preferred PoP Location Settings and 2nd Tokyo PoP: In May 2023, Cato launched a second PoP in Tokyo, referred to in the Cato Management Application as Tokyo_DC2. This second PoP improved the Cato service scale and resiliency for sites in Japan, and for Tokyo in particular. To benefit from the new PoP we recommend to use the default Automatic option for a site’s Preferred PoP Location settings. This option allows the Sockets to choose the optimal PoP options for the site for best performance and resiliency.

    • If you have a specific need to configure manual preferred PoP location settings for a site to connect to a PoP in Tokyo, make sure to configure the new Tokyo_DC2 as the preferred PoP location option. Starting August 6th, 2023, we will temporarily limit the manual configuration options for the primary preferred location to Tokyo_DC2 only.

    • There’s no impact for existing sites configured with the Tokyo PoP as a manual primary preferred PoP location. These sites will continue to use the Tokyo PoP option for the primary preferred PoP location.

    • You can find more information about the new PoP and review the updated best practices in this article.

Security Updates

  • Application Database:

    • Added more than 100 new SaaS applications (you can view the SaaS apps in the Apps Catalog), including:

      • StrongDM

  • IPS Signatures: 

    • Malware rueBot (New)

    • Ransomware Underground Team (New)

    • CVE-2023-34960

    • CVE-2023-33246

    • CVE-2023-31689

    • CVE-2023-29357

    • CVE-2023-28343

    • CVE-2023-2825

    • CVE-2023-27997

    • CVE-2023-25135

    • CVE-2020-12641

    • CVE-2015-5317 

  • Suspicious Activity Monitoring:

    • Procdump - Download (New)

    • Execution of Net User Query to Gather Security (New)

    • Executable File Transfer Over SMB With Impersonated Extension (New)

    • Opening Executable in Admin Share (Enhancement)

    • Phishing heuristic (Enhancement)

  • Application Control Policy (CASB):

    • Enhanced granular actions for the following app:

      • Dropbox: Login

Knowledge Base Updates

Was this article helpful?

0 comments

Add your comment