Cato Networks XDR & EPP: Discovering the Essence of Next-Gen Network Security

No doubt you have already asked yourself the question, “What is happening in my network?” There are dozens of tools that provide visibility. It gets a lot harder once we start looking at the results and still have to see the forest for the trees.

When you first read that Cato Networks now also has an XDR solution, you may not be blown away by the idea; indeed, you might find that they are late with it. Cato was basically built as a SASE solution (although that name did not yet exist at the time). Today, Cato builds all kinds of solutions around its SASE product that naturally integrate fully into it. Since Cato is already present on the endpoints with a VPN agent, it is only a small step to also see from there what unwanted movements are happening in the network.

Everything starts with data collection.

Where does Cato XDR get its information?

First of all, Cato is a kind of ecosystem in which all traffic passes through Cato’s backbone. Thanks to its single-pass architecture, a lot of that traffic is already decrypted, which makes in-depth analysis a natural next step.

From the cloud, API connections can be established with many well-known cloud platforms such as Azure or Google, but equally Slack or Box. A learning process gets to know how users behave towards these platforms (among others) and can thus eventually recognise deviant behaviour. Think of data exfiltration, for example.

A specific example of an integration is Microsoft Defender. Companies that already have a system well secured with Microsoft can combine the information from the Defender agent with the information flowing through Cato and thus draw strong connections in a hacker’s behaviour.

Cato recently added its own Endpoint Protection through a partnership with Bitdefender. Not only does this eliminate the need for a third-party EPP, there is also no longer a need for a VPN agent as such on every device. Every device participates in the XDR system, including fixed internal workstations.

From the vast amount of information collected in Cato’s data lake, an AI engine filters out what is important and relevant (prioritising it), establishes relationships where possible and presents the result in the form of what they call “Stories”. A Story is an intelligible account that, thanks to an AI text generator, serves up report-ready text and graphics on a platter.

As we have come to expect from Cato Networks, everything is presented in the Cato management platform in an accessible, intuitive way.

Are you already a Cato user? Then take a look at the Stories dashboard under Monitoring: you get the core version of XDR as a gift. If you are wondering what you would get with the pro version, take a look under Assets and Indications Catalog. You are just one click away from the full XDR solution.
