New Features & Enhancements
- Suspicious IP Quarantine: This new IPS feature lets you temporarily block inbound traffic from malicious IP addresses. When these IPs aggressively scan a network in the account, IPS blocks this traffic for a few minutes. You can enable the feature in the IPS Policy section.
- Critical IPS Protection for SMBv3 Vulnerability: According to this Microsoft advisory, attackers can exploit the SMBv3 vulnerability and execute code on target Windows computers.
  - We recommend that you immediately install the Microsoft patch for CVE-2020-0796 on all Windows computers in your organization.
  - Cato customers whose IPS policy blocks all traffic are automatically updated with protection against this vulnerability. In addition, we strongly recommend that you enable IPS protection (Security > Threat Protection > IPS) with the Block action for all traffic.
- Enhancement for Log Exporter Records: We added AD (Active Directory) name to records that you export under the field name sourceUserId (the CEF key is suid).
- Introducing SSO for MDR Portal: For MDR customers, we now support SSO authentication to the MDR portal using the Cato Management Application credentials: https://catomdr.zendesk.com/
  - You can also continue to use your Zendesk credentials: https://catomdr.zendesk.com/access/normal
Cato Client Releases
- Android VPN Client: During the next two weeks, a new version of the Android Client (v. 4.1) will be released with these features:
  - VPN Office Mode support for IPsec sites
  - Enhanced support for captive portal
Melbourne, Australia: An enhanced PoP is now available in Australia, and it is completely integrated into the Cato Networks ASN.
- IPS Signatures:
  - CVE-2020-0796 (New)
  - IOA - WindowsTab (New)
  - Malware - AdSpy (New)
  - Malware - Glupteba (Enhancement)
Knowledge Base Updates
- Troubleshooting Cato Windows VPN Client Installation Issues
- Cato Socket Deep Knowledge
  - Part 1: The Socket Interfaces and Precedence
  - Part 2: PBR and Network Rules within the Socket
  - Part 3: The Socket Traffic Prioritization and QoS
- Explaining the Cato TCP Acceleration and Best Practices
- Performance Troubleshooting: Socket Behind a Third-Party Firewall
Support Tickets Resolved
- #25795, #32567, #32652, #33187, #35692, #35968, #36262, #36798, #36877, #36937, #37014, #37196, #37406, #37420, #37522, #37527, #37605, #37667