New Features & Enhancements

• New Whitelist Policy for IPS: The IPS Whitelist section in the IPS Policy window (Threat Protection > Security > IPS Policy) lets you create a rule that whitelists specific traffic for IPS. Read more. 
• You can create an IPS whitelist rule directly from an event in Event Discovery  
• Configure the settings that define the traffic for each rule including: traffic scope, source, and destination. For example, you can whitelist a specific IPS signature for groups or network range.  
• Google SSO for Cato Clients: You can configure CC2 to use Google as an SSO provider for the Cato VPN Clients. Read more.
• LDAP sync isn't supported for Google.
• SSO Authentication for the Cato Management Application: Admins can now use Microsoft Azure and Okta as the SSO provider for the account to log in to the Cato Management Application. Read more. 
• You can configure the account to only authenticate with the SSO provider, or Cato user credentials. You can also allow admins to log in with both options.  
• Configure a custom subdomain for the account 
• Update to API Schema: The schema for the Cato API is updated to include new API Calls. The API schema version 34 has no impact on accounts that continue to use previous versions. We added new fields to AccountSnapshot > Sites > Devices and AccountSnapshot > Users > Devices. Read more.
• New Password Requirements for the Cato Management Application: As part of our effort to continuously improve security, there are new requirements for all new passwords. There is no impact on existing users.
• VPN Users - passwords length is between 8 - 32 characters, and must contain a number and alphabet character
• Cato Management Application Admins -  passwords length is between 8 - 32 characters, and must contain a number a lower case and upper case character.

Cato Client Releases

• Windows VPN Client v4.6: The Windows VPN Client v4.6 is now available on the MyVPN portal, and will be gradually deployed to all users during the week of January 11, 2021. This version includes the following bug fixes:
  • After changing VPN user on Client, temporarily lost Internet connectivity for several minutes (ENG-13961)
  • In some cases Client couldn't fallback to TCP, for version 4.5 and earlier (ENG-14409)
  • Sometimes the computer lost Internet connectivity while connected to the VPN (ENG-13608)
  • For silent upgrades, the computer restarted after the new Client version was installed (ENG-13463)
• iOS VPN Client v. 4.4.2: During the week of January 11th, we are planning to upload the iOS Client version 4.4.2 to the App store. This version includes performance enhancements and the following bug fixes:
  • When an iOS device started after sleep mode, sometimes the Client tried to connect to the VPN and temporarily blocked Internet connectivity (ENG-13749)
  • The iOS Client sometimes had a negative impact on Internet performance, downloading and uploading data (ENG-14618)

PoP Announcements

• Seoul, South Korea: We are planning to upgrade the PoP in Seoul and provide better service for connections to this PoP.

Security Updates

• IPS Signatures:
  • PuP – DroidRooter (New)
  • Malware – Phorpiex (New)
  • Malware – Brontok (Enhancement)
  • Malware – Ramnit (Enhancement)
  • Malware – Rootnik (New)
  • Malware - SpeesiPro (New)
  • Malware - Momentumbotnet (New)
  • Malware – VPNFilter (New)
  • CVE-2020-17047 (New)
• Application Database:
  • Kaspersky (Enhancement)
  • Carbon Black (New)
  • Telegram (Enhancement)
  • Zscaler (New)
  • Avast (Enhancement)
• Anti-Malware:
  • Added Support for LNK filetype (New)

Knowledge Base Updates

• Cato License Types

Support Tickets Resolved

• #45697, #51275, #52809, #59303, #60318, #62142, #63354, #63767, #64609, #64610, #64624, #64751, #64965