|
Entry |
Definition |
|---|---|
|
Always-On Policy |
Ensures the Client is always connected to the Cato Cloud, securing all traffic. Users are unable to disconnect the Client, but can temporally bypass the Cato Cloud. |
|
Anti-Malware |
Security policy implemented by Cato to prevent malicious files from entering a network. The Anti-Malware layer protects against malware threats based on known file signatures and from heuristic analysis. |
|
Authentication Token |
An authentication token serves as a digital proof of a user's successful identity verification. Two types of encrypted tokens are used: the IdP Token, which is generated by the Identity Provider (IdP), and the Cato Token, created by the PoP. |
|
Cato Cloud |
A global, cloud-native network designed to deliver unified security and networking services. It provides a platform for securing all enterprise network traffic, including branch locations, mobile users, and cloud resources. The Cato Cloud is made up of over 80 physical PoP locations around the world. |
|
Cato Management Application |
The single unified management console for your Cato account. Includes configuration, analytics, dashboards for the Network, Security, Access, account Administration and more. |
|
Client |
The application that enables users to connect securely to the Cato Cloud. Client versions are available for all operating systems |
|
Cloud Interconnect |
A Cato site type for locations that are establishing a secure Layer 2 connection to the Cato Cloud via partner data centers, bypassing public internet connections to offer better performance and reliability. |
|
Connect on Boot |
This setting initiates a Client connection to the Cato Cloud during the boot phase of the device boot phase. Once connected, the user is able to disconnect. |
|
Data Protection (DLP) |
Part of the Cato SaaS Security API service, the Data Protection policy monitors and controls how sensitive information is accessed, used, and shared in out-of-band traffic from remote users connecting directly to sanctioned cloud apps and not through the Cato Cloud. The Data Protection engine scans the traffic and prevents or detects the exfiltration of sensitive data according to the configured policy. |
|
Digital Experience Monitoring |
Digital Experience Monitoring (DEM) helps IT teams and helpdesk teams identify issues that impact user experience and resolve them by monitoring network, cloud, and application dependencies. DEM tracks and analyzes the performance of applications and users to help identify the root cause. |
|
Events |
Cato Networks events are records generated by the Cato Cloud, that capture important information and data about network traffic, security events, remote access users, system activities, and more. These events provide detailed insights into network traffic patterns, potential threat incidents, user activities, system configurations, and other data in your account. |
|
IPsec Site |
A Cato site type that uses IPsec tunnels to securely connect a physical or cloud-based location to the Cato Cloud. Generally IPsec sites are used for offices that use a third-party firewall or security service. |
|
Known Hosts |
The Cato Management Application maintains a dynamic, real-time list of hosts and devices that are connected to your Cato account. Known Hosts include detailed information such as IP addresses, operating systems, and current activity levels. |
|
Licensed User |
An individual provisioned into the Cato Management Application that has been assigned a license to connect to the Cato Cloud remotely. |
|
Native Range |
A LAN subnet within a site for IP address space that devices or services will use. It is used for routing and reachability within the network. The Native Range serves as the default gateway's subnet for devices. |
|
NG Anti-Malware |
Security policy implemented by Cato to prevent malicious files from entering a network. The NG Anti-Malware layer is based on machine learning malware detection technology and uses predictive models to classify files as benign, suspicious, or malicious. These models are able to detect unknown and zero-day malware. |
|
PoP (Point of Presence) |
A network node in Cato’s global private backbone, the Cato Cloud. Each PoP contains network, security, and access engines for the relevant traffic flows and connections. |
|
SaaS Security API |
A Cato security service that provides out-of-band visibility and control for sanctioned cloud apps, allowing monitoring and response to traffic from remote users connecting directly to the cloud apps and not through the Cato Cloud. The SaaS Security API engine uses API connectors to inspect the app traffic, and detect and protect against security threats and data breaches according to the Threat Protection and Data Protection policies. |
|
Security Checks |
The Cato SaaS Security API engine automatically runs these checks to review the security posture for each configured connector for sanctioned SaaS apps. The Security Checks page in the Cato Management Application shows the status of Cato's risk analysis for the connectors and recommendations for how to improve the security for the relevant connector. |
|
Site |
Represents a specific location or network edge that is connected to a PoP in the Cato Cloud. Site definitions include configuration, network segments and ranges, DNS settings, LAN Firewall, and so on. These are the Cato site types: Socket, vSocket, IPsec, and Cloud Interconnect. |
|
Socket |
A Cato hardware appliance which is an edge SD-WAN device that can use multiple links to connect a site to the Cato Cloud. Sockets provide a variety of networking and security features including: traffic balancing, link aggregation, dynamic path selection, policy-based routing, and more. |
|
Threat Protection |
Part of the Cato SaaS Security API service, the Threat Protection policy provides anti-malware protection for out-of-band traffic from remote users connecting directly to sanctioned cloud apps and not through the Cato Cloud. The Threat Protection engine scans the traffic and monitors or prevents the transfer of malicious files according to the configured policy. |
|
User |
An individual provisioned into the Cato Management Application that can be identified and added to policy rules. |
|
vSocket |
A virtual instance of a Socket for data centers and sites based in virtualized environments (public and private clouds). vSockets are deployed on a VM and has similar features and capabilities to a physical Socket appliance. |
|
WAN (Wide Area Network) |
The Cato Cloud is a WAN solution that combines networking and security capabilities. WAN traffic egresses from a PoP to resources in your account (sites, remote devices). |
Glossary of Cato Terms
- Updated
- 0 comments
0 comments
Please sign in to leave a comment.