Cato Networks Adds IPS to SD-WAN Service

Cato Networks claims it is the first company to integrate an intrusion prevention system (IPS) to its SD-WAN offering.

The Israel-based company on Monday rolled out Cato IPS-as-a-service, saying its attachment to SD-WAN makes it “context-aware.” Cato says  a traditional IPS struggles with encrypted traffic and can’t extend to mobile or cloud-based traffic.

The IPS from Cato offers unlimited inspection capacity and adaptively tuned signatures, and it expands across multiple branch locations as a result of SD-WAN.

“Today’s users work everywhere and so must their wide area networks. But advanced security must be built into the network to securely connect locations, cloud resources, and mobile users,” Cato said in its announcement. “With Cato IPS and the rest of Cato’s converged security services, Cato inspects and protects against threats in WAN and internet traffic without the administrative overhead, capacity constraints or restrictions of standard security appliances. Combined with its private backbone, the Cato Cloud makes securely connecting your business simple — again.”

“Context-aware” means that can identify suspicious traffic patterns using behavioral signatures and can access more context on more domains than the average IPS. Context can refer to the type of devices used, the user activity or the location of the activity. Level 7-application awareness, user identity awareness and geolocation are some of the offering’s attributes that facilitate recognition of the context. Cato says the geolocation function could have played an important role in stopping the recent WannaCry attacks

Cato shared a concrete example of how its IPS helped discover compromised devices within one of its manufacturing customers.

“The manufacturer relies on the Cato Cloud to connect and secure its three U.S. locations, five international offices and cloud instance,” the Monday announcement said. “Cato IPS identified that the machines were communicating with a C&C server that is used to spread Andromeda bot malware.”

Security is one of the buzzwords that surrounds SD-WAN, which is a buzzword in and of itself. A recent survey from Cato showed that security is one of the main obstacles facing companies that implement SD-WAN.