Working with the Cato Management Application

This article discusses how to work with the Cato Management Application (CMA) to configure settings and policies for your account.

Propagating Settings to Your Account

The CMA is the unified management console for managing your account. When you save changes or publish policies, the new settings are saved to a central database and then gradually propagated to the PoPs in the Cato Cloud. During the propagation, there are several phases of automated checks are performed to validate the configuration and prevent the impact of a bad configuration to the entire Cato Cloud.

The multi-tenant system of the CMA applies the configuration changes from all tenants across the Cato Cloud in real-time. Any specific saved configuration for settings and policies can take up to 5 minutes to propagate and apply to all PoPs and to your entire account.

Recommended Web Browsers for the CMA

These are the recommended browser and settings for the best experience for working with the CMA:

  • The optimal screen resolution for the CMA is 1920 x 1080

  • Recommended browsers:

    • Chrome

    • Edge

Understanding Idle Timeout for the CMA

If you don't manually log out of the CMA, then the default behavior for the CMA is to automatically log out after one hour of inactivity in the browser window.
​When you are logged out of the CMA, settings for the ​policy revisions​​ are saved for the next time that you log in.

Screens That Are Always Active with Real-Time Data

To help you monitor activity in your network, some of the screens in the CMA remain active with up-to-date real-time data as long as the browser is open.

These are the CMA screens that continuously refresh while the browser is open:

  • Home > Topology

  • Network > Site Monitoring > {Site name} > Network Analytics

  • Network > Site Monitoring > {Site name} > Real Time

Understanding Secure Login with CAPTCHA

To enhance account security, the admin authentication flow for the CMA includes CAPTCHA protection. The CAPTCHA protection is invisible to the admin and runs in the background to prevent unauthorized access by bots. This ensures a safer experience without disrupting the regular login process. In rare cases, admins may be prompted to re-enter their credentials to prove they are human and complete the login. CAPTCHA protection is not relevant for SSO-authenticated admins.

Requirements for Account Names

These are the requirements for account names in the CMA:

  • Maximum of 56 characters

  • ASCII characters and digits are supported

  • Quotation marks are not supported (ie. "example-account" is an invalid account name)

Entity Limits per Account

You can create a range of entities in the CMA to meet the requirements of your organization. These are the maximum number of entities that you can create for the relevant item (entire account, site, or group).

Description

Maximum Limit

Groups

(Resources > Groups)

140,000

Members per Group

(Resources > Group > {group name} > Members)

50,000

Hosts per Site

(Network > Sites > {site name} > Site Configuration > Hosts)

3,500

Network Ranges per Socket LAN Interface

(Network > Sites > {site name} > Site Configuration > Networks)

1000

Local Routing Rules per Site

(Network > Sites > {site name} > Site Configuration > Local Routing)

100

Was this article helpful?

1 out of 2 found this helpful

0 comments

Add your comment