Advanced Threat Prevention

Advanced Threat Prevention is a collection of network security and related defenses deployed to address current and emerging threats. IT organizations face the daunting task of maintaining complex infrastructure to identify and prevent advanced threats from penetrating the network. Cato Advanced Threat Prevention solves that problem, inspecting encrypted and unencrypted traffic at line rate for malware and network-based threats.

TLS Inspection

With most Internet traffic encrypted, detecting and preventing threats delivered within SSL/TLS traffic is critical. However, inline SSL/TLS traffic inspection consumes significant processing resources. Appliance-based security solutions face resource limitations as their hardware is often inadequate, forcing hardware upgrades outside of the budgetary cycle. As noted, Cato security services benefit from the infinite compute power of the cloud. Cato inspects all TLS-encrypted traffic flows without impact on user experience or application performance.

Malware Protection

Cato’s network-based malware protection leverages multiple, multilayered and tightly integrated anti-malware engines running in all Cato PoPs. The first layer is a signature- and heuristics-based inspection engine that is kept up to date at all times based on global threat intelligence databases and scans files in transit across the Cato backbone to protect against known malware. The second layer applies proven machine-learning algorithms from SentinelOne to identify and block unknown malware, such as zero-day attacks or polymorphic variants of known threats that are designed to evade signature-based inspection engines. With both layers, connected endpoints are deeply protected against network-delivered malware.

Intrusion Prevention

Cato’s IPS leverages multiple layers and technologies to block network attacks. Network protocol validation detects protocol manipulations and malformed packets. Context-aware signatures and rules block attacks based on known CVEs, unknown attacks based on network traffic behavior, and network scans. Internal and external reputation feeds enrich IPS intelligence. Geographic-based restrictions minimize the threat landscape.

Legacy IPS technology requires extensive skills and management effort. IT teams need to evaluate new signatures, determine which ones to activate, validate they won’t disrupt the business, and consider the performance impact on the IPS appliance and the network. Those concerns simply don’t exist with Cato IPS. Like all Cato security services, the Cato Security Research Lab and SOC manage the Cato IPS for you and ensure appropriate rules are applied against emerging threats with the proper validation and capacity analysis.

Activation is simple. Cato customers only need to enable the IPS from their management console to benefit from its prevention power.

Cato SASE Cloud Solution Brief