Overview of Cato's Threat Prevention

Threat Prevention in the Cato Cloud

The Cato Cloud contains Threat Prevention engines that can inspect WAN and Internet traffic for malicious files and malware attacks. Traffic that is sent over MPLS or bypasses the Cato Cloud is not inspected by these engines. One Threat Prevention policy is applied to all sites in the account.

Note

IMPORTANT! - We strongly recommend that you enable TLS inspection so that the Threat Prevention services provide the maximum protection for your network.

Cato Networks Threat Prevention Engines

These are the Threat Prevention engines that inspect traffic in the Cato Cloud:

  • Anti-Malware - Protects against malicious files based on known file signatures and from a heuristic analysis

  • NG Anti-Malware - Protects against unknown and zero-day malicious files based on machine learning and predictive models

  • Intrusion Protection System (IPS) - Protects against known vulnerabilities, bots, and other malicious attacks

Was this article helpful?

3 out of 3 found this helpful

2 comments

  • Comment author
    Dwight Wilhelm

    LInks to the Overview of the Unified Anti-Malware Policy and Configuring the Unified Anti-Malware Policy are broken.

  • Comment author
    Yaakov Simon

    Dwight,

    Thanks! Links are updated and fixed.

    Yaakov

Add your comment