Glossary of Cato Terms

Entry

Definition

Always-On Policy

Ensures the Client is always connected to the Cato Cloud, securing all traffic. Users are unable to disconnect the Client, but can temporally bypass the Cato Cloud.

Anti-Malware

Security policy implemented by Cato to prevent malicious files from entering a network. The Anti-Malware layer protects against malware threats based on known file signatures and from heuristic analysis.

Authentication Token

An authentication token serves as a digital proof of a user's successful identity verification. Two types of encrypted tokens are used: the IdP Token, which is generated by the Identity Provider (IdP), and the Cato Token, created by the PoP.

Cato Cloud

A global, cloud-native network designed to deliver unified security and networking services. It provides a platform for securing all enterprise network traffic, including branch locations, mobile users, and cloud resources. The Cato Cloud is made up of over 80 physical PoP locations around the world.

Cato Management Application

The single unified management console for your Cato account. Includes configuration, analytics, dashboards for the Network, Security, Access, account Administration and more.

Client

The application that enables users to connect securely to the Cato Cloud. Client versions are available for all operating systems

Connect on Boot

This setting initiates a Client connection to the Cato Cloud during the boot phase of the device boot phase. Once connected, the user is able to disconnect.

Cross Connect Site

A Cato site type for locations that are establishing a secure Layer 2 connection to the Cato Cloud via partner data centers, bypassing public internet connections to offer better performance and reliability.

Data Protection (DLP)

Part of the Cato SaaS Security API service, the Data Protection policy monitors and controls how sensitive information is accessed, used, and shared in out-of-band traffic from remote users connecting directly to sanctioned cloud apps and not through the Cato Cloud. The Data Protection engine scans the traffic and prevents or detects the exfiltration of sensitive data according to the configured policy.

Events

Cato Networks events are records generated by the Cato Cloud, that capture important information and data about network traffic, security events, remote access users, system activities, and more. These events provide detailed insights into network traffic patterns, potential threat incidents, user activities, system configurations, and other data in your account.

IPsec Site

A Cato site type that uses IPsec tunnels to securely connect a physical or cloud-based location to the Cato Cloud. Generally IPsec sites are used for offices that use a third-party firewall or security service.

Known Hosts

The Cato Management Application maintains a dynamic, real-time list of hosts and devices that are connected to your Cato account. Known Hosts include detailed information such as IP addresses, operating systems, and current activity levels.

Licensed User

An individual provisioned into the Cato Management Application that has been assigned a license to connect to the Cato Cloud remotely.

Native Range

A LAN subnet within a site for IP address space that devices or services will use. It is used for routing and reachability within the network. The Native Range serves as the default gateway's subnet for devices.

NG Anti-Malware

Security policy implemented by Cato to prevent malicious files from entering a network. The NG Anti-Malware layer is based on machine learning malware detection technology and uses predictive models to classify files as benign, suspicious, or malicious. These models are able to detect unknown and zero-day malware.

PoP (Point of Presence)

A network node in Cato’s global private backbone, the Cato Cloud. Each PoP contains network, security, and access engines for the relevant traffic flows and connections.

SaaS Security API

A Cato security service that provides out-of-band visibility and control for sanctioned cloud apps, allowing monitoring and response to traffic from remote users connecting directly to the cloud apps and not through the Cato Cloud. The SaaS Security API engine uses API connectors to inspect the app traffic, and detect and protect against security threats and data breaches according to the Threat Protection and Data Protection policies.

Security Checks

The Cato SaaS Security API engine automatically runs these checks to review the security posture for each configured connector for sanctioned SaaS apps. The Security Checks page in the Cato Management Application shows the status of Cato's risk analysis for the connectors and recommendations for how to improve the security for the relevant connector.

Site

Represents a specific location or network edge that is connected to a PoP in the Cato Cloud. Site definitions include configuration, network segments and ranges, DNS settings, LAN Firewall, and so on. These are the Cato site types: Socket, vSocket, IPsec, and Cross Connect.

Socket

A Cato hardware appliance which is an edge SD-WAN device that can use multiple links to connect a site to the Cato Cloud. Sockets provide a variety of networking and security features including: traffic balancing, link aggregation, dynamic path selection, policy-based routing, and more.

Threat Protection

Part of the Cato SaaS Security API service, the Threat Protection policy provides anti-malware protection for out-of-band traffic from remote users connecting directly to sanctioned cloud apps and not through the Cato Cloud. The Threat Protection engine scans the traffic and monitors or prevents the transfer of malicious files according to the configured policy.

User

An individual provisioned into the Cato Management Application that can be identified and added to policy rules.

vSocket

A virtual instance of a Socket for data centers and sites based in virtualized environments (public and private clouds). vSockets are deployed on a VM and has similar features and capabilities to a physical Socket appliance.

WAN (Wide Area Network)

The Cato Cloud is a WAN solution that combines networking and security capabilities. WAN traffic egresses from a PoP to resources in your account (sites, remote devices).

Was this article helpful?

2 out of 2 found this helpful

0 comments

Add your comment