**Editor’s Note: Click here to see which channel people were on the move in January.**

Cato Networks launched today its Cato Cloud “network security-as-a-service” platform, aimed at protecting distributed, cloud-centric and mobile-first companies as well as those making inroads into the Internet of things.

Cato, which was founded in January 2015, recently secured $20 million in series A funding. Founders Shlomo Kramer and Gur Shatz have deep security roots — Shatz was the CEO of cloud-based security provider Incapsula, while Kramer, who will join a keynote panel at the upcoming Channel Partners Conference & Expo, helped found Check Point and Imperva.

Glenn Esposito, formerly Barracuda’s senior vice president of sales, recently signed on to run Cato’s U.S. channel program.

“Cato will be 100-percent channel focused,” Esposito told Channel Partners. “Our goal is to simplify and strengthen network security by addressing the dissolving perimeter and using the cloud to overcome the limitations and constraints of network security appliances. Cato’s solution addresses the growing challenge of network security cost and complexity for enterprises of all sizes — particularly midmarket companies that are resource-constrained and lack in-house security expertise.”

Esposito says the premise is to re-establish a network perimeter in the cloud, then secure it.

“We plan to launch our partner program later this month,” he said. “The program will be a traditional discount-from-list model and have three program tiers.” In addition to filling an open niche in a typical channel partner portfolio, as Cato continues to add to its roster of value-added network security capabilities, he says partners will have the ability to increase incremental revenue.

“We believe the recurring revenue model is very attractive to the entire channel ecosystem,” he says.

Defense In Depth

The traditional concept of perimeter security is dangerously outdated. Data may reside in the cloud, at remote branch locations, on personally owned mobile devices and, increasingly, within IoT nodes. As more applications are delivered in an as-a-service model, traffic patterns on the network are changing dramatically as well. Legacy WAN approaches, such as backhauling traffic to a central data center for analysis, add latency and complexity while increasing bandwidth costs. Installing multiple appliances at remote sites isn’t an attractive alternative.

“Network security appliances did a good job securing the simple networks of the past, but today’s perimeter-less networks are increasingly difficult to manage, optimize and secure,” says Kramer. “Network security must scale and adapt quickly to support new business requirements and the evolving threat landscape. However, the current appliance-based infrastructure can’t keep up and is too expensive and too complex to sustain, especially for midsize and resource-constrained companies.”

The Cato Cloud comprises two layers: the Cato Cloud Network, which is based on a global, geographically distributed PoP network, and Cato Security Services, a suite of enterprise-grade network security capabilities delivered through the cloud. The integrated platform includes a next-gen firewall with application control, a global VPN, URL filtering and other controls.

The service, which is managed by Cato’s network and security operations center, consolidates a customer’s infrastructure — branch locations, mobile devices, physical and cloud-based servers and WAN and broadband Internet links — into an encrypted network, then secures traffic regardless of source or destination. A cloud-based management console provides visibility for IT administrators and service providers as well as the ability to apply policies uniformly across users, locations, data and applications.

Esposito says Cato Networks represents a shift in the way network security is delivered and managed. “Our goal is to simplify and strengthen network security by addressing the dissolving perimeter and using the cloud to overcome the limitations and constraints of network security appliances,” he says.

Esposito told Channel Partners that, for now, the company will focus on recruiting MSSPs, network security-focused VARs and VARs that are transitioning (or plan to transition) their businesses to an MSSP model. “There is no capital expense investment required, so this means a faster path to ROI, and since we’re a multi-tenant cloud-based platform, it will be less complex and costly to manage for the partner,” he said. “Additionally, we’ll be pursuing relationships with ISPs and possibly telcos.”

Cato’s plan to partner with ISPs and telcos is timely. As big IT companies like HP and Dell are distracted by splits and acquisitions, AT&T, NTT, Verizon and others are looking to managed security services to add revenue and aid customer retention. Research and Markets expects the global managed security services market to expand at a CAGR of about 11 percent through 2019 and says AT&T and Verizon are among the top four market-share leaders, along with Dell and IBM.

Our take: The more workloads move to the cloud, the more attractive managed and “as a service” security looks to CISOs.

Of course, plenty of security vendors get this and are chasing that opportunity. This is a crowded market with carriers, lots of specialized startups, plus Cisco, IBM and Microsoft making infosec core to their businesses. We asked Esposito what makes Cato unique amid the wealth of options facing resellers.

“What makes Cato different is that we provide a new, holistic platform, that tightly integrates the networking and network security pillars — not yet another point solution,” he says, “The Cato Cloud connects all enterprise network elements, including branch locations, the mobile workforce, and physical and cloud data centers, into a unified global, encrypted and optimized network. Cato then applies a set of enterprise grade, agile and elastic security services to secure the traffic inside the organization and to the Internet.”

He adds that the service enables customer cost savings by reducing appliance sprawl and traffic backhaul while enabling access control for cloud-based applications.

Then there’s speed of patching. “Using a cloud platform for security allows for rapid adaptation to new security threats, a key requirement to keeping up with the threat landscape, without the need to upgrade and patch numerous point solutions,” he says.

Finally, Esposito says that a selling point for partners and customers is that the Cato Cloud is an integrated platform, not best-of-breed point products, an argument we’ve heard from Cisco as well.

“This is key for resource-strapped enterprises, especially in the midmarket, that can’t afford to integrate and manage multiple point solutions,” he says.

Follow executive editor @LornaGarey on Twitter.