This article discusses how to use the predefined Cato categories and create custom categories to meet the specific needs of your organization.
The Categories page shows you Cato system and custom categories. Categories are global objects that you can use to customize the Networking, WAN, and Internet firewall rules to meet the specific needs of your network.
The system categories are predefined and group web content into common categories, such as News, Gambling, Weapons, and so on. You can also create custom categories to include a group of system categories, specific websites, services, and applications.
If a system category doesn't have any members defined for it, then there are no apps or services associated with the category. However, the category can still include domains as part of third-party URL filtering. For more information about domains and categories, see Identifying the Category for a Domain.
Note
Note: System categories can include Cato-defined members, and members defined according to third-party URL filtering services. The Cato category definitions are applied to both Internet and WAN traffic flows. However, category definitions based on third-party URL filtering services are only applied to Internet traffic flows.
When you add multiple categories to a single networking, WAN, or Internet firewall rule, there is an OR relationship between them.
The Categories page lets you show the details for each system and custom category. System categories can include Cato-defined members, and members defined according to third-party URL filtering services. However, only the Cato-defined members for a category are shown in the page.
To show a category:
-
From the navigation panel, click Assets > Categories.
The Categories panel opens, displaying the Custom Categories tab and the System Categories tab.
-
Select if you want to show the predefined System Categories or Custom Categories.
-
Click the Name or Description column headings to sort the table in alphabetical order.
Custom categories give you increased control over the corporate network and security policy. You can define the applications, Internet content, and services that belong to the new category. It is a global object that you can use for the Firewall and Networking rules, events, analysis and so on. These are the types of content that you can use to define a custom category:
-
Applications and custom applications
-
Services and custom services
-
Domains and Fully Qualified Domain Names (FQDN)
-
A Domain is a Second-Level Domain (SLD) and matches all subdomains. For example, the Domain example.com matches example.com, host.example.com, and subhost.host.example.com
-
FQDN is an exact match of the fully qualified domain (for example, the FQDN example.com only matches example.com)
-
When there are multiple content types in a custom category, such as a Domain Name and a Service, there is an OR relationship between them.
To create a custom category:
-
From the navigation panel, click Assets > Categories.
-
Click the Custom Categories tab.
-
Click New. The Add Category panel opens.
-
Enter the Name and Description for the category.
-
From the Members drop-down menu, select the content type that you are adding to this category.
-
Repeat the previous step to add more content types.
-
Click Apply. The custom category is added.
-
Click Save. The custom category is created.
You can delete one or more custom categories when they are no longer needed. You cannot delete system categories.
Value Sets are user defined categories that help you manage Application Control rules for groups of items such as URLs or email addresses. Value Sets contain comma-separated text strings which you can then use in Application Control rules. For more about using Value Sets in the Application Control policy, see Managing the Application Control Policy.
The Value Sets category is included in the CASB license. For more about purchasing a CASB license, please contact your Cato representative.
Note
Note: Value Sets are only used with the Application Control policy.
0 comments
Please sign in to leave a comment.