New Features and Enhancements
-
New Best Practice Check for Socket Site Resilience and Recovery: Cato's WAN Recovery feature is one of multiple recovery features that provide resiliency if your Socket sites can't communicate using the Cato Cloud. We are introducing a Best Practice check to verify that WAN Recovery is enabled on your Socket sites.
- The check is 'Passed' when all sites are configured correctly for WAN recovery. Otherwise, the check shows the sites that are not ready.
-
Static MAC Entry for Socket Sites: To support connectivity with devices that do not support ARP, you can now manually add the MAC addresses as a static entry for Socket sites in the Site Configuration > Advanced Configuration page.
- Available for Socket v20 and higher
- New IdPs for SSO Authentication: JumpCloud and SafeNet Trusted Access can now be used by remote users to authenticate with SSO.
-
DEM for App Performance and User Experience: Starting Nov. 3, 2024, we are releasing the enhanced Digital Experience Monitoring (DEM), which proactively monitors the performance of sites, users, and apps. You can seamlessly start using DEM without deploying any agents or configurations.
-
Network path analysis to pinpoint issues for sites and users
- DEM for remote users requires installing the Cato Client, but no SDP license
- Identify user experience anomalies in your account
- Create scheduled reports that summarize the overall account experience and highlight top issues
- An additional license is required for DEM features
-
Network path analysis to pinpoint issues for sites and users
Go to the Cato Product Roadmap in the Knowledge Base to follow the status of upcoming features and enhancements.
Security Updates
-
IPS Signatures:
- View more details about the IPS signatures and protections in the Threats Catalog:
-
ElonMuskIsGreedy - Ransomware (New)
-
Socks5Systemz - CnC Connection (New)
-
Bixi Ransomware - (Enhancement)
-
Cipher (Proton) Ransomware - (Enhancement)
-
Dark Eye Ransomware - (Enhancement)
-
Defi Ransomware - (Enhancement)
-
Eject Ransomware - (Enhancement)
-
Foxtrot Ransomware - (Enhancement)
-
Pgp Ransomware - (Enhancement)
-
Secdojo Ransomware - (Enhancement)
-
Shadaloo Ransomware - (Enhancement)
-
Solution Ransomware - (Enhancement)
-
Stop/Djvu Ransomware - (Enhancement)
-
Stormous Ransomware - (Enhancement)
-
The Bully Ransomware - (Enhancement)
-
ZAKI ESCOVINDA Ransomware - (Enhancement)
-
CVE-2024-38816 (New)
-
CVE-2024-38200 (New)
-
CVE-2024-25852 (New)
-
CVE-2023-47253 (New)
-
CVE-2024-20439 (Enhancement)
-
CVE-2021-28799 (Enhancement)
-
- View more details about the IPS signatures and protections in the Threats Catalog:
-
Suspicious Activity Monitoring
- These protections were added to the SAM service:
-
Download pstools heuristic (New)
-
Download Rclone Official Site (New)
-
LNK File Download over HTTP (New)
-
Ngrok agent established tunnel - new domains (New)
-
PsExec After Downloading PsTools (New)
-
ScreenConnect Download (New)
-
- These protections were added to the SAM service:
-
Apps Catalog
- More than 100 new Cloud apps (see Apps Catalog):
-
SmartRoom (New)
-
Azure Digital Twins (Enhancement)
-
Barco (Enhancement)
-
Carlsberg Breweries A/S (Deprecated)
-
Centrastage renamed to Datto RMM (Enhancement)
-
Egnyte (Enhancement)
-
OpenVPN protocol (Enhancement)
-
Squarespace (Enhancement)
-
Zscaler (Enhancement)
-
- More than 100 new Cloud apps (see Apps Catalog):
-
Application Control (CASB and DLP):
- Enhanced granular activities for the following apps:
- Granular App: Dropbox Download Multiple Files (New)
- Granular App: OneDrive Sync files (Enhancement)
- Granular App: YouTube - Watch (Enhancement)
- Enhanced granular activities for the following apps:
-
TLSi:
- ChatGPT native client on MacOS - default bypass
-
Device Inventory:
- These are the updates to the Device Inventory detection engine:
-
IOT:
- Docking Station
- Action Star (Enhancement)
- Printer
- Xerox (Enhancement)
- Zebra (Enhancement)
- VoIP
-
- Cisco (Enhancement)
- Grandstream Networks (Enhancement)
- OT, IOT
- Power Device
- APC (Enhancement)
- Eaton (Enhancement)
- Power Device
-
Mobile:
- Mobile Phone
-
- Samsung (Enhancement)
- Networking:
- Network Appliance
- Aruba Networks (Enhancement)
- Netgear (Enhancement)
- Network Appliance
-
- These are the updates to the Device Inventory detection engine:
Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.
0 comments
Please sign in to leave a comment.