Cloud Access and Optimization and Remote Access Cloud Datacenter Integration Cato tightly couples cloud datacenters into the SD-WAN, t p i O m i d z u a t o i l o effortlessly. All cloud providers — Amazon AWS, Microsoft C n Azure, Google Cloud, and others — connect into the Cato global private backbone by establishing redundant IPsec tunnels, which typically only have to cross the physical datacenter shared with the Cato PoP. In this way, Cato delivers the optimum cloud experience. Cloud datacenter traffic routes over the optimum path across the Cato global private backbone to the Cato PoP. From there, traffic is typically sent across the datacenter network to the cloud datacenter. This architecture eliminates the need for premium cloud connectivity services, such as AWS DirectConnect or Microsoft Azure Express Route. The integration is agentless, requiring no virtual appliances. For those who prefer a virtual appliance, Cato also offers its vSocket. Agentless configuration leverages the IPsec gateway connectivity available from all cloud providers avoids additional VM costs as well as the risk of modifying production server network configurations. Like all other traffic, cloud datacenter traffic is subject to full security inspection by Cato security services. Cloud Application Acceleration Cato also improves public cloud application performance, such as Office 365, Cloud ERP, UCaaS, and Cloud Storage. Latency is reduced by optimally routing cloud application traffic across Cato’s global, private backbone to the Cato PoP closest to the cloud application provider’s datacenter. Cato’s built-in WAN optimization maximizes end-to-end throughput to improve application performance, especially around bandwidth-intensive operations, such as file transfers. All traffic and files exchanged with the cloud application are subject to full security inspection within the Cato SASE Cloud. Secure Remote Access Cato extends the full range of its network and security capabilities down to remote and mobile users. Using a Cato Client or clientless browser access, users connect to the nearest Cato PoP and their traffic is routed optimally over the Cato global private backbone to applications on on-premises or in the cloud. Cato provides remote and mobile users with Zero Trust Network Access (ZTNA/SDP), allowing the most granular user access control down to specific applications. By contrast, legacy VPN solution limit access to entire subnets. All user activity is protected by Cato’s built-in network security stack, ensuring enterprise-grade protection to all users everywhere. Contact Us Ready for Whatever’s Next Cato SASE Cloud Solution Brief 9