Remote workers and hybrid office solutions are the new reality and create challenges for securing remote access at the same time as providing the best user experience. Cato’s Zero Trust Network Access (ZTNA) provides remote users secure access to private applications. Implementing the zero-trust framework, Cato’s ZTNA first authenticates users (we recommend using MFA), and then grants them least privileged access, and ensures the user’s device posture. You can define the least privileged access rules on a highly granular basis to dramatically reduce the attack surface available to bad actors. Additionally, each remote-user session undergoes continuous deep content inspection to prevent sensitive data leaks and malicious threats.
Cato’s security extends to all traffic (not just WAN traffic) and secures access to and from the Internet. Security services include, Cato’s Cloud Access Security Broker (CASB) with both in-line and out-of-band protection. In addition, the Data Loss Prevention (DLP) service provides best-in-breed security and content inspection without backhauling traffic to a centralized data center.
Cato's ZTNA capabilities include:
Client and Clientless solutions
Device authentication and User Awareness for identity based policies
Continuous threat inspection of all ports and protocols
Cato's ZTNA optimizes global application access for remote users by optimizing the middle-mile of remote user-to-private application connectivity. The Cato Cloud backbone is a global, geographically distributed, SLA-backed network of over 70 PoPs, interconnected by multiple tier-1 carriers and Internet exchanges peered with over 500 networks and service providers.
In the articles listed below, we provide a high-level roadmap to onboard to Cato's ZTNA and ensure zero-trust access to WAN networks, servers and devices, Internet, and SaaS destinations with least privileged access and continuous threat assessments for all ports and protocols.