Product Update - March 23rd, 2020

New Features & Enhancements

  • Suspicious IP Quarantine: This new IPS feature lets you temporarily block inbound traffic from malicious IP addresses. When these IPs aggressively scan a network in the account, IPS blocks this traffic for a few minutes. You can enable the feature in the IPS Policy section. Read more
  • Critcal IPS Protection for SMBv3 Vulnerability: According to this Microsoft advisory, attackers can exploit the SMBv3 vulnerability and execute code on target Windows computers.
    • We recommend that you immediately install the Microsoft patch (CVE-2020-0796) on all Windows computers in your organization.
    • Cato customers with IPS that blocks all traffic are automatically updated against this vulnerability. In addition, we strongly recommend that you enable IPS protection (Security > Threat Protection > IPS) with the Block action for all traffic. Read more about IPS
  • Enhancement for Log Exporter Records: We added AD (Active Directory) name to records that you export under the field name sourceUserId (the CEF key is suid). 
  • Introducing SSO for MDR Portal: For MDR customers, we now support SSO authentication to the MDR portal using the Cato Management Application credentials,

Cato Client Releases

  • Android VPN Client: During the next two weeks, a new version of the Android Client (v. 4.1) will be released and includes these features: 
    • VPN Office Mode support for IPsec sites (read more)
    • Enhanced support for captive portal 

PoP Announcements

Melbourne, Australia: An enhanced PoP is now available in Australia, and it is completely integrated into the Cato Networks ASN. 

Security Updates

  • IPS Signatures: 
    • CVE-2020-0796 (New)  
    • IOA - WindowsTab (New)  
    • Malware - AdSpy (New) 
    • Malware - Glupteba (Enhancement)

Knowledge Base Updates

Support Tickets Resolved

  • #25795, #32567, #32652, #33187, #35692, #35968, #36262, #36798, #36877, #36937, #37014, #37196, #37406, #37420, #37522, #37527, #37605, #37667

Was this article helpful?


Add your comment