Security Service Edge (SSE) Cato SASE Cloud is powered by a cloud-native WWW security service edge (SSE), Cato SSE 360. Cato SSE 360 is built using the Cato Single Pass Cloud Engine (SPACE) architecture and converges the following capabilities: Secure Web Gateway (SWG), FWaaS ZTNA SWG Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), Zero Trust Network Access CASB SPACE IPS (ZTNA), and Firewall as a Service (FWaaS) with DLP NGAM Advanced Threat Prevention (IPS, Next Generation RBI Anti-malware), which is managed by the Cato SOC (Security Operations Center). These security capabilities form the basis of a comprehensive Managed Threat Detection and Response (MDR) service that is provided as part of Cato’s managed services offering. All capabilities seamlessly scale to process all customer traffic, encrypted and unencrypted, without the need for sizing, patching, or upgrading appliances and point solutions. Cato protects user privacy and fully complies with GDPR. Inspected data is never stored on Cato servers or shared with third-parties. Customers are able to exclude privacy-sensitive applications, such as banking and healthcare, from inspection. In addition, Cato complies with SOC 1 and 2, and ISO 27001, 27017, 27701, and 27018. Next-generation Firewall The Cato NGFW operates across every Cato PoP, protecting the entire organization with a unified application-aware and user-aware security policy — all without the cost and complexity of upgrading and maintaining individual firewall appliances. Cato’s NGFW uniquely provides: • Complete visibility, inspecting all WAN • Unified security policy, enforcing one and Internet traffic for fixed and mobile granular policy and rule base that extends from users. There are no blind spots, no need one user to the entire business. The rule base to deploy multiple security appliances is common to all security functions and traffic or tools. types. There is no need to associate policies • Unlimited scalability, applying security with distinct appliances or point products. policies and inspecting any traffic mix • Simple lifecycle management, eliminating (encrypted and unencrypted) at line the need to size, upgrade, patch or refresh rate. We ensure processing power firewalls. Customers are relieved of the and network capacity always meet ongoing grunt work of keeping their network committed service levels. security current against emerging threats and evolving business needs — or being forced into paying more so their telco will do it for them. Contact Us Ready for Whatever’s Next Cato SASE Cloud Solution Brief 6