Some customers are asking what is better, Cato Socket or IPSec. To start with the bottom line, Cato always recommends to go with Socket deployment.
Cato Socket
a. Cato Socket includes optimized PoP selection. This allows the socket to automatically connect to the "best" PoP available which allows for the least amount of network latency.
b. Cato Socket includes automatic re-route of traffic to a different PoP if a connectivity issue is seen with the current PoP.
c. Cato Socket includes QoS services.
d. Better managed and remote control abilities.
e. Last Mile Monitoring and troubleshooting tools are available for the Cato Socket.
IPSec
a. IPSec deployments are statically assigned to a specific PoP. If there is an issue with connectivity to the PoP, the tunnel can go down. No automatic re-route to another PoP is supported.
b. IPSec implementation can lead to disconnects due to different vendors implementation of IPSec protocol.
c. No way to configure Active-Active.
Comments
2 comments
Does this also apply to Cloud Datacenters with vSockets?
Helo Elvind!
My apologies for not responding to this earlier! The AWS and Azure versions of the vSocket should provide the features defined here. You would need to check the relevant information for the different type of vSockets (AWS and Azure) to see if there are any other limitations. I recommend you check the following articles and let us know if they provide you with the information you are looking for:
Please let us know if this is the information you were looking for!
Kind Regards,
Dermot Doran (Cato Networks)
Please sign in to leave a comment.