support.catonetworks.com
Open in
urlscan Pro
104.16.51.111
Public Scan
URL:
https://support.catonetworks.com/hc/en-us/articles/360011568478
Submission: On July 24 via manual from GB — Scanned from GB
Submission: On July 24 via manual from GB — Scanned from GB
Form analysis 1 forms found in the DOM
GET /hc/en-us/search
<form role="search" class="form-field mb-0" data-search="" data-instant="true" autocomplete="off" action="/hc/en-us/search" accept-charset="UTF-8" method="get"><input name="utf8" type="hidden" value="✓" autocomplete="off"><input type="hidden"
name="category" id="category" value="4964852963229" autocomplete="off">
<input type="search" name="query" id="query" placeholder="How can we help?" autocomplete="off" aria-label="How can we help?">
</form>Text Content
Skip to main content
Toggle navigation menu
Release Notes Community Submit a request Sign in
CATO NETWORKS KNOWLEDGE BASE
SEARCH
1. Cato Knowledge Base
2. Documentation
3. Tech Articles
4. Access Control and Threat Protection
ANALYZING SECURITY EVENTS ACCORDING TO THREAT REPUTATION
FollowNot yet followed by anyone
OVERVIEW
The Security research team in Cato Networks has developed analytical engines to
tag malicious IP addresses, URLs, and domain names with a bad reputation. This
reputation indicates that we discovered that the specific IP address, URL, or
domain initiated suspicious or malicious activity. For example, malware C&C,
network scanners, phishing activity, and so on.
The IPS engine in the Cato Cloud blocks network traffic that is tagged with a
bad reputation and generates a reputation-based security event with the threat
type Reputation.
The following screenshot shows an example of a security event with the
Reputation threat type from Event Discovery:
REASONS FOR BLOCKED TRAFFIC
When Cato's IPS engine identifies potentially malicious traffic and blocks it
based on the threat reputation, the threat name field explains the reason why
the traffic was blocked.
Values for the threat name field include, but are not limited to:
* Domain reputation based signature - Phishing
* Reputation IP based signature - Botnet
* IP reputation based signature - Malicious IP
* Domain reputation based signature - Malicious Domain
* IP reputation based signature - Abuse
* URL reputation based signature - Malicious URL
WHAT ARE THE DIFFERENT THREAT TYPES?
Each Security Event generated within the Cato Management Application is
categorised by a field called threat type. This field displays a high-level
overview of the type of threat that Cato has protected you against, and
provides you with an indication of any potential malicious activity.
The threat types which may be displayed in a Security Event include:
* Spam
* Brute Force
* Scanner
* Phishing
* Policy Violation
* Crypto Mining
* Anonymizer
* DoS
* Network Scan
* Vulnerability Scan
* Information Disclosure
* Privilege Escalation
* Reputation
* Remote Code Execution
* PuP
* Web Application Attack
* Malware
* Malicious Browser Extension
SAMPLE THREAT REPUTATION SECURITY EVENT WORKFLOW
1. The Security research team identifies that a domain is potentially a source
of malicious attacks.
2. The domain is tagged with a bad reputation and the IPS engine is updated.
3. An end-user tries to access the domain, and IPS blocks the connection and
generates a Security event with the threat type Reputation.
WHAT'S THE SIZE OF CATO'S THREAT DATABASE?
The Threat Database at Cato Networks is constantly evolving in line with the
ever-changing threat landscape. We continuously improve the size and scope of
our threat detections to ensure maximum protection for our end customers. For
representative figures, as of July 8th 2021 we currently have, but are not
limited to:
* 750+ million domains and 32+ billion URLs classified
* 80+ site categories, including high-risk categories
* 6 million dangerous IPs correlated with URLs
PREVIOUS ARTICLE
Cato Apps Catalog - Internet Firewall
NEXT ARTICLE
Testing TLS Inspection in the Cato Cloud
WAS THIS ARTICLE HELPFUL?
Yes No
1 out of 1 found this helpful
RELATED ARTICLES
* What is the Cato Anti-Malware Policy?
* Best Practices for Cyber Security and the Cato Cloud
* Installing the Root Certificate for TLS Inspection
* Securing Browsing Sessions Through Remote Browser Isolation (RBI)
* Product Update - June 27th, 2022
COMMENTS
0 comments
Please sign in to leave a comment.
CATEGORIES
* Documentation
* Cato Management Application Documentation
* Monitoring
* Using the Topology Screen
* Analyzing Events in Your Network
* Explaining the Event Fields
* Analyzing Traffic for all Account Sites
* Showing User Analytics with SDP Users Overview
* Showing The Routing Table for Your Account
* Using the SDP Users Dashboard
* Using the Threats Dashboard
* Generating a Security Events Report
* Generating an Application Analytics Report
* Working with the MITRE ATT&CK® Dashboard
* Working with the Stories Dashboard
* Reviewing Detection & Response Stories for Your Account
* Using the DLP Dashboard
* Using the Applications Analytics Screen
* Using the App Catalog
* Using the Threat Catalog
* Identifying the Category for a Domain
* Using the Admin Audit Trail
* Setting the Time Range Filter
* Network
* Site Configuration
* Cato Cross Connect Sites
* Getting Started with Cato Cross Connect Sites
* Cross Connect for AWS Public Cloud
* Cross Connect for Azure Public Cloud
* Cross Connect for GCP Public Cloud
* Cross Connect for Oracle Public Cloud
* Cato Cross Connect Availability
* IPsec Sites
* Configuring IPsec IKEv2 Sites
* Configuring an IPsec IKEv2 Site for a Firewall/Router with Dynamic
IP
* Configuring IPsec IKEv1 Sites
* Troubleshooting IPsec Connectivity
* Cato Cloud to Cisco IOS/IOS-XE via HA IPSec Tunnels
* Cato Cloud to VMware Edge via HA IPsec Tunnels
* Cato Cloud to FortiGate via HA IPSec Tunnels (CLI Guide)
* Cato Sockets
* Working with X1500, X1600 and X1700 Socket Sites
* Configuring Link Aggregation for a Socket
* Using Sockets in a High Availability (HA) Deployment
* BGP
* Using BGP in the Cato Cloud
* Cato Reserved BGP Communities
* Defining BGP Neighbors
* Configuring BGP Neighbors for a Cato Socket
* Configuring BGP Neighbors for an IPsec Connection
* Using the Cato Management Application to Add Sites
* Working with Sites
* Configuring Network Ranges for a Site
* Configuring the Socket LAN Firewall Policy
* Local Routing at the Socket
* Upgrading the Local Routing Policy to the LAN Firewall
* Defining Hosts for a Site
* Working with LAN Monitoring for a Site
* Bypassing the Cato Cloud
* Configuring Local Port Forwarding
* Advanced Configurations for a Site
* Site Monitoring
* Showing the Site Network Analytics
* Monitoring a Site with a Snapshot
* Analyzing QoS and Bandwidth Management for a Site (Priority
Analyzer)
* Analyzing Data for a Site in Real Time
* vSocket Sites
* Configuring an AWS vSocket Site
* Configuring High Availability (HA) for AWS vSockets
* Configuring an Azure vSocket Site
* Configuring High Availability (HA) for Azure vSockets
* Example Cloud Deployment Templates
* Copying the Azure vSocket VHD Image with SAS
* Configuring a VMware ESXi vSocket Site
* Network Rules & QoS
* Configuring Network Rules
* What is the Cato Network Rulebase
* What are the Cato Bandwidth Management Profiles
* Configuring Bandwidth Management Profiles
* Overriding Bandwidth Management Profiles for a Site
* Routing Traffic to an Off-Cloud Link
* Internet Traffic Backhauling
* Configuring Internet Traffic Backhauling
* Backhauling Traffic to a LAN Device
* Hairpinning Traffic to the Same Site
* Backhauling Traffic via a Socket's WAN Interface IP Address
* Backhauling Traffic via an IPsec Site
* Cato DHCP
* Configuring DHCP Settings
* Configuring Cato as the DHCP Relay
* Showing Known Hosts for a Site
* Showing the DHCP Pools for a Site
* Connection SLA
* Configuring the Connection SLA Settings
* Defining a Preferred PoP for a Site
* Configuring a Last-Resort Link
* Customizing the WAN Keepalive Frequency
* Defining DNS Forwarding Rules
* Monitoring the Last Mile for the Account
* Creating Floating Ranges for an Account
* Configuring DNS Settings
* Configuring Remote Port Forwarding for the Account
* Accelerating and Optimizing Traffic
* Allocating IP Addresses for the Account
* Working with Link Health Rules
* Access
* Directory Services
* Provisioning Users With SCIM
* SCIM Provisioning with Azure
* SCIM Provisioning with Okta
* SCIM Provisioning with OneLogin
* Provisioning Users With LDAP
* Provisioning Users with LDAP
* Configuring LDAP Sync and SSO with OneLogin
* Configuring Directory Services with Okta LDAP
* Changing Between SCIM and LDAP User Provisioning
* Activating SDP Users
* Working with SDP Users
* Overview of Directory Services and User Awareness
* Configuring the Windows Server for Directory Services
* Changing the Email Address or User Principal Name of SDP Users
* Browser Access
* Browser Access Portal Overview - Securing Remote Access to
Applications
* Configuring the Browser Access Portal
* Defining the Browser Access Policy
* Managing Applications for the Browser Access Portal
* Client Access
* Zero Trust Device Security With Cato
* Controlling Certified Corporate Devices (Device Authentication)
* Configuring Split Tunnel for SDP Clients
* Split Tunnel Configuration for Specific SDP Users
* Providing Cato With SDP User Feedback
* Using Windows Pre Login and the SDP Client
* Protecting SDP Users with Always-On Security
* Configuring the Authentication Policy for Cato Clients
* Configuring SDP Client Settings for the Account
* LAN Blocking for the Windows Client
* Defining a Proxy Configuration File URL
* Configuring the Client Upgrade Policy
* Upgrading macOS Clients with an MDM
* Configuring Settings for the macOS and iOS Clients
* Cato SDP Clients
* Summary of Cato Client Releases
* Summary of Cato Client Releases
* Summary of Cato Windows Client Releases
* Summary of Cato macOS Client Releases
* Summary of Cato iOS Client Releases
* Summary of Cato Android Client Releases
* Summary of Cato Linux Client Releases
* MAC Address of SDP Clients
* Recording Issues Using the SDP Client
* How to Collect SDP Client Logs
* Best Practices for Cato Client Upgrades
* Customizing the Cato Client
* Access Features per Client OS and Version
* Installing the Cato Client
* Deploy Cato SDP Client with Intune (Windows)
* Using Captive Portal Detection with Cato Clients
* End of Support (EoS) Policy for Cato Clients
* Improved SSO Workflow for Cato Clients
* Understanding Expiring Session for SDP Users
* Installation Guides for Cato SDP Clients
* Supported Throughput for Cato SDP Clients
* Managing SDP Clients with the Cato User Portal
* Cato Client Privacy Data Sheet
* Single Sign-On
* Configuring Azure SSO for Your Account
* Configuring Okta SSO for Your Account
* Configuring Google SSO for Your Account
* Configuring SSO and the Subdomain for the Account
* SSO Session Behavior for Windows SDP Client
* User Awareness
* Adding User Awareness to Directory Services
* Using Cato Identity Agents for User Awareness
* Managing User Awareness Exceptions
* Working with User Groups
* Adding Reverse DNS Lookup Hosts
* Using an Identity Provider for Your Cato Account
* What is the Client Connectivity Policy?
* Configuring the Client Connectivity Policy
* Creating Device Posture Profiles and Device Checks
* IP Allocation Policy
* Configuring Office Mode
* Isolating and Securing Customer Traffic in Cato Multi-Tenant Cloud
* Working with Analytics for Specific SDP Users
* Monitoring Users with a Snapshot
* Configuring Access Control with MAC Address Authentication
* Exporting SDP User Data
* Security
* Internet & WAN Firewalls
* What is the Cato Internet Firewall?
* Managing Internet Firewall Rules
* What is the Cato WAN Firewall?
* Managing the WAN Firewall Rules
* Sample WAN Firewall Rulebase
* Adding Device Conditions to Firewall Rules
* Adding Sections to the WAN and Internet Firewalls
* IPS Service
* Configuring the IPS Policy
* Allowlisting IPS Signatures
* Customizing the DNS Protections for IPS
* Monitoring Suspicious Activity with IPS (SAM)
* Cloud Access Security Broker (CASB)
* What is the Cato CASB Solution
* Managing the Application Control Policy
* Controlling Access to SaaS Application Tenants with Header Injection
* Managing Tenant Control for SaaS Applications
* Working with the Cloud Apps Dashboard
* Data Loss Prevention
* What is the Cato DLP Service
* Creating the Data Control Policy
* Creating DLP Content Profiles
* Working with Custom Data Types for DLP
* Using MIP Sensitivity Labels in your Cato DLP Policy
* Cato SaaS Security API
* What is SaaS Security API
* Configuring the SaaS Security API Connector for Microsoft OneDrive
* Configuring the SaaS Security API Connector for Microsoft SharePoint
* Configuring the SaaS Security Connector for Microsoft Exchange
* Configuring the SaaS Security API Connector for Box
* Configuring the SaaS Security API Connector for Google Drive and
Gmail
* Configuring the SaaS Security API Connector for Slack
* Reviewing Security Checks for SaaS Apps
* Using the SaaS Security API Dashboard
* Adding Device Conditions for TLS Inspection
* What is the Cato Anti-Malware Policy?
* Configuring the Anti-Malware Policy
* Allowlisting Anti-Malware Traffic
* Configuring TLS Inspection Policy for the Account
* Securing Traffic with TLS Inspection Using Private Certificates
* Securing Browsing Sessions Through Remote Browser Isolation (RBI)
* Configuring the RBI Service for Secure Web Browsing
* Customizing the Block/Prompt Page
* Restricting Content for Internet Traffic
* Reviewing Detection & Response Stories for MDR Customers
* Exporting Security Rules to a CSV File
* Assets
* Managing Groups
* Working with Custom Applications
* Working with Categories
* Working with Advanced Configuration for the Account
* Administration
* Cato Management Application Admins
* Managing Administrators
* Configuring Roles and Permissions for Admins
* Configuring an Admin with Regional Viewer Permissions
* Configuring Roles and Permissions for Reseller Admins
* Configuring Authentication Settings for Administrators
* Administrator Password Expiration Policy
* Setting Admin Preferences
* Working with Cato License Types
* Managing Site Bandwidth Licenses
* Showing All Sockets in the Account (Sockets Inventory)
* Configuring the Socket Upgrade Maintenance Window
* Showing Zendesk Tickets for Your Account
* Generating API Keys for the Cato API
* Integrating Cato Events with AWS S3
* Downloading Cato Digital Certificates
* Creating an Online Order for Your Cato Account
* Event Integration Event Fields
* Working with Email Notifications for the Account
* Working with Mailing Lists
* Configuring System Settings for the Account
* Defining Default Working Hours for the Account
* Exporting Log Files
* Sockets & Hardware
* Reimaging Cato Sockets
* Overview of Reimaging Cato Sockets
* How to Reset an X1500 Socket (USB Drive)
* How to Reset an X1500B Socket (USB Drive)
* How to Reset an X1700 Socket (USB Drive)
* How to Reset an X1700B Socket (USB Drive)
* How to Reset an X1600 Socket (USB Drive)
* Managing Sockets
* Using the Socket WebUI
* Supported Socket Transceivers and USB Ethernet Adapters
* Assigning a Static IP to a Socket
* How to Capture Traffic on a Socket
* How to Change the Socket Model for a Site
* X1700, X1600 & X1500 Socket Guides
* Socket Power Consumption Details
* Using Cellular Modems with a Socket
* Cato Intelligent Last-Mile Monitoring (ILMM)
* What is Cato ILMM
* Managing ILMM for Your Account
* Working with ILMM Licenses for Sites
* Understanding Cato's Gradual Rollout
* Working with the Cato Management Application
* New Cato Management Application - What's New
* New Cato Management Application - Known Limitations & Resolved Issues
* Legacy Cato Management Application
* Getting Started with Cato
* Adding Sites to Your Account
* Site to Site WAN Connectivity with the Cato Cloud
* Selecting the Site Type
* Configuring Sites with IPsec Connections
* Selecting the Connection Type for a Site
* Sample Procedure - Adding a Site with X1500 Socket
* Sample Procedure - Adding a Site with IPsec IKEv2
* Sample Procedure - Adding a Site with IPsec IKEv1
* Starting ZTNA with Cato
* What is Cato's ZTNA Solution
* Importing Users to Cato
* Authenticating SDP Users
* Distributing Cato Clients to Devices
* Client Lifecycle Management
* Implementing Cato Networks Threat Protection
* Overview of Threat Protection
* Configuring IPS and Geo Restriction
* Welcome to Cato Networks
* Tech Articles
* Cato Socket
* What is Socket High Availability (HA)
* Understanding Cato's Managed Socket Upgrade Service
* Using the Socket WebUI Tools
* Cato Socket: Deep Knowledge
* Connectivity Requirements for Socket Upgrades
* Part 1: The Socket Interfaces and Precedence
* Part 2: PBR and Network Rules within the Socket
* Part 3: The Socket Traffic Prioritization and QoS
* Active/Active Traffic Distribution
* Setting a Different Port to Connect to the Cato PoP
* How to run an X1500 Socket using a USB Flash Drive
* AWS vSocket - Requesting an Amazon AMI Image
* Cato Socket RMA (Return Merchandise Authorization) Process
* Using PPPoE with Cato Sockets
* Performance Troubleshooting: Socket Behind a Third-Party Firewall
* Remotely Pinging the Socket WAN Interface
* How to find DHCP host allocation
* Socket X1500 | Status LEDs for Ethernet Ports
* DHCP Doesn't Work With Subnet Source Bypass
* Updating the Socket WAN Interface Bandwidth
* Cipher Suites Used by the Cato Socket and SDP Client
* High Current Distance (Latency)
* How to Reconnect the Socket Tunnel
* Cato SDP Client
* Cato Client Installation Guides
* Windows
* Getting Started with the Windows Client
* Installing the Cato Certificate on Windows Devices
* macOS
* Getting Started with the macOS Client
* Installing the Cato Certificate on macOS Devices
* Linux
* Installing and Running the Linux Client v5.1
* Installing and Running the Linux Client v5.0
* Getting Started with the Android Client
* Getting Started with the iOS Client
* Distributing Certificates for Device Authentication and Device Checks
* Resending an Invitation to SDP Users
* How Can I Download the Cato Client?
* How Cato MFA and Expiration Mechanism Works
* macOS Client - Automatic Upgrades from v4.5 and Earlier
* How To Collect Console Logs on macOS
* Authenticating VPN Users with Corporate Identity
* Unifying SSO for VPN and Clientless SDP Users
* Configuring a Different UDP Port for the Cato Client
* Cato Client Arguments - Linux OS
* VPN Client TCP Fallback for UDP Tunnel
* ChromeOS that Supports the Cato VPN Client
* Best Practices for Deploying Cato Client .MSI via Group
Policy/Software Distribution Manager
* How to Uninstall the Windows Client Using MsiExec.exe
* How to install Cato Certificate on Linux (Ubuntu)
* How To Enable Debug Mode | Windows Client
* Adding VPN Users to the Account
* Networking
* Production PoP Guide
* Best Practices for IPsec Connections
* Explaining the Cato TCP Acceleration and Best Practices
* Controlling Inbound Traffic with Remote Port Forwarding
* Best Practices for DNS and Your Cato Account
* Handling DNS Flows in the Cato Cloud
* Best Practices for DHCP
* Network Segmentation - Best Practices
* Packet Loss Mitigation for Multi-Tunnel Links
* Best Practices to Measure Last-Mile Performance with SpeedTest
* Best Practices for Egressing Traffic In a Network Rule
* Introducing Cato Networks' Internet Recovery
* Integrating Cato with Alternative WAN Network
* Implementing QoS using Microsoft Teams and Cato
* Recovering WAN Traffic
* How to Reduce the Citrix Recovery Time
* Asymmetric Routing over Cato and MPLS
* Configuring Your Account to Support IP Overlapping
* Access Control and Threat Protection
* Cato Cloud Security Protections
* How to Integrate Third-Party DDoS Services for Internet-Facing RPF
Traffic
* How the Cato Cloud Protects against DNS Tunneling
* How the Cato Cloud Protects your Account from Ransomware Encryption
Actions
* Cryptocurrency and the Cato Cloud
* How the Cato Cloud Protects your Account from Phishing Attacks
* How the Cato Cloud Protects your Account from Suspicious Chrome
Extensions
* Understanding New Logic for Client Connectivity Policy
* Internet and WAN Firewall Policies – Best Practices
* Best Practices for Cyber Security and the Cato Cloud
* Best Practices for Implementing Cato Threat Protection
* Best Practices for TLS Inspection
* Cato Apps Catalog - Internet Firewall
* Analyzing Security Events According to Threat Reputation
* Testing TLS Inspection in the Cato Cloud
* Supported TLS Cipher Suites for Cato TLS Inspection
* Enabling and Working with Anti-Malware and IPS
* Testing Anti-Malware and IPS Threat Protections
* YouTube Videos Won't Load
* Show the real local location while searching Google
* How to allow SMB/SMTP outbound traffic (or any other service)
* Administrative
* Cato Cloud Thresholds and Limits
* Troubleshooting Support Self Service Portal
* Requesting New Features (RFEs)
* Cato Networks Scanners or Penetration Testing
* Status page subscription guide
* Cato Networks SVG Stencils
* Cato Certificate
* Installing the Root Certificate for TLS Inspection
* Certificate Warnings with Blocked HTTPS Websites
* Installing Root CA Certificate to Firefox
* How to Install the Cato Certificate
* Cato Management Application
* Uncategorized vs. Undefined System Categories
* FAQ - Reseller Admins Viewing Alerts from Customer Accounts
* Priority Analyzer Shows Imprecise QoS Priority for Traffic
* Log Exporter: Under the Hood
* Monitoring Your Site with Connectivity Alerts
* Cato IPsec Guide: IKEv1 vs IKEv2
* QoS Policies Explained
* How to Configure an Egress Rule
* Finding the Public IP of Your Sites in the Cato Management Application
* Deployment
* How to Implement Cato vSocket in AWS Multiple VPCs Environment
* Setting up a Cato-Initiated IPsec to Your AWS Transit Gateway
* Redundant VPN Connection to AWS Using BGP
* Aruba Wireless Access Point Traffic Not Traversing Cato
* How to Use a vSocket in Azure Multiple VNets Environment
* How to Integrate RingCentral with Cato Networks
* Redundant VPN Connection to Oracle Cloud using BGP
* Setting Up Redundant VPN Tunnels to Google Cloud Platform (GCP)
* Socket Best Practice: VLANs vs. Routed Ranges
* Connecting a Socket to a switch with VLANs (802.1q)
* Cato Socket vs IPSec tunnel
* Cato Socket Connection Prerequisites
* Setting Up Redundant VPN Tunnels to Amazon Web Services (AWS)
* Connect your AWS assets to Cato Cloud with Amazon Virtual Private
Gateway
* Identity Providers and Authentication
* Using Windows Client 5.0 on Windows Server
* How to Configure Windows Event Forwarding for User Awareness?
* Local & VPN Users: LDAP Import vs. User Awareness
* User Not Mapped by User Awareness
* User Awareness | WMI "Test connection" fails when querying a DC on
Windows server 2008
* Sync Active Directory Users to Cato SDP Users
* Cato Configuration API - Reference Guide
* Managing Admins with the Cato API
* Configuration API - addSocketSite
* Configuration API - updateSiteGeneralDetails
* Configuration API - updateSocketInterface
* Configuration API - removeSite
* Configuration API - updateHa
* Configuration API - Adding, Updating, and Removing networkRange
* Configuration API - Adding, Updating, and Removing staticHost
* Using the Cato Site Creation API with Postman
* Configuration API Scripts
* Cato Configuration API Schema
* Cato Monitoring API
* Getting Started with the Cato API
* Cato Read Only API - events
* Cato API - AccountMetrics
* Cato API - AccountMetrics > Sites
* Cato API - AccountMetrics > Sites > Interfaces
* Cato API - AccountMetrics > Sites > SiteInfo
* Cato API - AccountMetrics > Timeseries
* Cato API - AccountSnapshot
* Cato API - AccountSnapshot > Sites
* Cato API - AccountSnapshot > Sites > Devices
* Cato API - AccountSnapshot > Sites > Devices > Interfaces
* Cato API - AccountSnapshot > Users
* Cato Read Only API - appStats
* Cato API - AuditFeed
* Cato API - EntityLookup
* Cato API - EventsFeed (Large Scale Event Monitoring)
* Cato API - EventsFeed > EventRecord (Large Scale Event Monitoring)
* SIEM Integration Guide for the Cato API
* Cato API Schema
* Working with accountMetrics > Granularity
* Example Scripts: Using the Cato API with Python
* Connecting to the Cato API Server from the GraphQL Playground
* Understanding Cato API Rate Limiting
* Troubleshooting Cato API Calls
* Support Policy for the Cato API
* Running API Calls with the Cato Cloud
* Services
* Training 101: Cato Management Application
* An Overview of Threat Intelligence
* Legal
* Update Regarding Cato Network’s Compliance with China’s PIPL
* Restricted Countries List
* Cato Networks Sub-Processors
* Explaining How Cato Classifies Network Applications
* EA Documentation
* Configuring the SaaS Security API Connector for Microsoft OneDrive (EA -
Actions)
* Deploying Azure vSockets from the Marketplace (EA)
* Managing the Rollout of Client Versions (EA)
* RBAC Permissions for Sites and User Groups (EA)
* Using The Network Dashboard (EA)
* Customizing Email Notifications (EA)
* Recovering Connectivity with Alt. WAN Links (EA)
* Videos
* The Ring of Defense
* No Ethical Boundaries: WormGPT
* Keeping your SLED Secure: Should you pay a ransom?
* LockBit hits TSMC: A $70M Ransom?
* Reddit and Extorted It: OpenAI Leaks and Paying for Ransomware?
* MOVEit or Lose it: Exploitation and Patching Hell
* How to listen to the Ring of Defense
* Security Obscurity: DNS Tunnelling and CensysGPT
* CyberTalk with Bill and Robin: 24th May 2023
* CyberTalk with Robin - 28th April - The RBI Episode
* CyberTalk with Bill and Robin - 3rd April 2023
* CyberTalk with Bill and Robin - 20th April 2023
* CyberTalk with Bill and Robin: 29th March 2023
* CyberTalk with Bill and Robin: 22nd March 2023
* Cybertalk with Bill and Robin: 16th March 2023
* Cybertalk with Bill and Robin: 2nd March 2023
* CyberTalk with Bill and Robin: 25th February 2023
* CyberTalk with Bill and Robin: 19th February 2023
* CyberTalk with Bill and Robin: 6th February 2023
* Cybertalk with Bill and Robin: 27th January 2023
* CyberTalk with Bill and Robin: 23rd January 2023
* CyberTalk with Bill and Robin: 4th January 2023
* CyberTalk with Bill and Robin - 22nd November 2022
* CyberTalk with Bill and Robin - 8th November 2022
* CyberTalk with Bill and Robin - 21st October 2022
* CyberTalk with Bill and Robin - 14th October 2022
* CyberTalk with Bill and Robin - 23rd September 2022
* Technical Product Updates
* Cato Networks Product Update: 31st October 2022
* Cato Tech Update - September 19, 2022 (video)
* Getting Started
* Getting Started with the Cato Management Application
* Getting Started with the Cato Knowledge Base (Video)
* Getting Started with Data Loss Prevention (Video)
* Getting Started with Cato's Cloud Access Security Broker (CASB)
* Cato Networks Video Library
* Introducing Cato Connection Methods
* How to?
* How to find Network Analytics for SDP Users
* How to use Real-Time Monitoring
* How to navigate the Apps Catalog
* How to use the Network Analytics Dashboard
* How to use the Threats Dashboard
* How to use the Application Analytics Dashboard
* How to use the Search bar in the Cato Management Application
* How to use Topology Grouping
* How to navigate the Site Settings window
* How to deploy a single vSocket in Amazon Web Services (AWS)
* How to enforce a Twitter Posting Policy using CASB
* How to test a Data Control (DLP) Rule
* How to configure a Data Loss Prevention (DLP) rule
* How to Enable Pre-Login for SDP Clients
* How to provision users with SCIM and Microsoft Azure
* How to install the Cato SDP Client on Windows
* How to deploy a Socket site
* How to configure a Firewall Rule
* How to check for Apache Log4j RCE vulnerabilities
* How to define first upgraded SDP users
* How to lookup a Domain Category
* How to create a packet capture on a Socket
* Video Tutorials
* An Overview of Agent Based User Awareness
* An Overview of Pre-Login for SDP Clients
* An Overview of SSO at Cato Networks
* Using SSO and the Cato SDP Client (Video)
* Azure vSocket Installation
* Support
* Working with Cato Support
* Information to Collect When Submitting Tickets to Cato Networks Support
* Support Self Service | SupportMe Portal
* Submitting a Support Ticket
* Announcement Regarding Changes to Submit a Request | July 2021
* Settings That Can be Modified by Cato Support
* Cato Cloud Articles
* Showing the Status of the Cato Cloud
* Accessing the Master Service Agreement
* Troubleshooting Articles
* Troubleshooting Networking & Platform
* TLS Connection Failure Over Off-Cloud or Alt-WAN Links
* ADUC Loads Slowly While Connected to Cato SDP Client
* Troubleshooting Socket Registration/Initial Connectivity Failures
* China | Webpage Having Rendering Issues
* Android Devices Unable to Reach Internal Resources Via Cato
* How to Troubleshoot Long Webpage Loading Time and Rendering Problems
* Websites Blacklisting Cato IP
* How to Use HAR File to Analyze Webpage Issues
* Block Page - Connectivity Problem, Connection was Closed by Peer
* macOS Ventura Users Unable to Reach Internal Resources Via Cato
* Cato Events Quota Exceeded
* Changing the Interface Role Generates Reconnect Events
* Troubleshooting Issues Related to Local SMTP Servers
* Troubleshooting Unusual Network Activity
* When is a Flow Assigned QoS Priority 255?
* Users Are Logged Out of Website After Successful Login
* How to Collect HAR Data
* Troubleshooting Azure HA Deployment
* RDP Session Established but the Remote Desktop Isn't Loading
* Geo-blocked Websites
* How to Troubleshoot Socket Site Packet Loss
* VoIP Troubleshooting
* How to Solve "Secure Connection Failed" Error
* Troubleshooting Access
* Users/Groups in Azure AD are Not Getting Provisioned to CMA via SCIM
* How to Remove macOS SDP Client User Profiles
* SDP client fails to connect due to netsh crashes with Windows 11
* SDP Client Silently Upgraded Even Though Policy was Changed to Managed
Upgrade
* Device Authentication Troubleshooting
* SSO Authentication Fails When Using External Browser | localhost Error
* How to Capture Traffic for SDP Client Issues with Wireshark
* Linux Cato Client Troubleshooting
* Troubleshooting Directory Services and User Awareness Errors and
Issues
* Troubleshooting Cato Windows VPN Client Installation Issues
* VPN User Doesn't Receive SMS MFA Code
* Troubleshooting the "Installation success or error status: 1603" When
Installing the Windows SDP Client
* Troubleshooting Performance Issues for the Cato Client
* Troubleshooting Domain Controllers for Real Time Sync Connection
Errors
* SDP Client Can't Connect to Remote Resources
* Troubleshooting Security
* ChatGPT Blocks Traffic from the Cato Cloud
* DLP Troubleshooting
* Cisco Umbrella DNS Redirection Getting TLS Block/Warning Page
* Download of EICAR Files Are Not Getting Blocked by Cato
* How to Check if Traffic is Blocked by the WAN Firewall
* How to Verify if Cato or Custom Root Certificate is Installed
* Websites with Prompt Page Don't Load Properly
* Why Do I See a "Connection is Not Secure" Message for Websites?
* Cato Management Application Error Codes
* Cato Announcements
* Release Notes
* Product Update - July 24th, 2023
* Product Update - July 17th, 2023
* Product Update - July 10th, 2023
* Product Update - July 3rd, 2023
* Product Update - June 26th, 2023
* Product Update - June 19th, 2023
* Product Update - June 12th, 2023
* Product Update - June 5th, 2023
* Product Update - May 29th, 2023
* Product Update - May 22nd, 2023
* Product Update - May 15th, 2023
* Product Update - May 8th, 2023
* Product Update - May 1st, 2023
* Product Update - April 24th, 2023
* Product Update - April 10th, 2023
* Product Update - April 3rd, 2023
* Product Update - March 27th, 2023
* Product Update - March 20th, 2023
* Product Update - March 13th, 2023
* Product Update - March 6th, 2023
* Product Update - February 27th, 2023
* Product Update - February 20th, 2023
* Product Update - February 13th, 2023
* Product Update - February 6th, 2023
* Product Update - January 23rd, 2023
* Product Update - January 9th, 2023
* Product Update - December 26th, 2022
* Product Update - December 12th, 2022
* Product Update - November 28th, 2022
* Product Update - November 14th, 2022
* Product Update - October 31st, 2022
* Product Update - October 17th, 2022
* Product Update - October 3rd, 2022
* Product Update - September 19th, 2022
* Product Update - September 5th, 2022
* Product Update - August 22nd, 2022
* Product Update - August 8th, 2022
* Product Update - July 25th, 2022
* DLP Product Update - July 18th, 2022
* Product Update - July 11th, 2022
* Product Update - June 27th, 2022
* Product Update - June 13th, 2022
* Product Update - May 30th, 2022
* Product Update - May 16th, 2022
* Product Update - May 2nd, 2022
* Product Update - April 18th, 2022
* Product Update - April 4th, 2022
* Product Update - March 21st, 2022
* Product Update - March 7th, 2022
* Product Update - February 21st, 2022
* Product Update - February 7th, 2022
* Product Update - January 24th, 2022
* Product Update - January 10th, 2022
* Product Update - December 27th, 2021
* Product Update - December 13th, 2021
* Product Update - November 29th, 2021
* Product Update - November 15th, 2021
* Product Update - November 1st, 2021
* Product Update - October 18th, 2021
* Product Update - October 4th, 2021
* Product Update - September 20th, 2021
* Product Update - September 6th, 2021
* Product Update - August 23rd 2021
* Product Update - August 9th, 2021
* Product Update - July 26th, 2021
* Product Update - July 12th, 2021
* Product Update - June 28th, 2021
* Product Update - June 14th, 2021
* Product Update - May 31st, 2021
* Product Update - May 24th, 2021
* Product Update - May 17th, 2021
* Product Update - May 3rd, 2021
* Product Update - April 19th, 2021
* Product Update - April 5th, 2021
* Product Update - March 22nd, 2021
* Product Update - March 8th, 2021
* Product Update - February 22nd, 2021
* Product Update - February 8th, 2021
* Product Update - January 25th, 2021
* Product Update - January 11th, 2021
* Product Update - December 28th, 2020
* Product Update - December 14th, 2020
* Product Update - November 30th, 2020
* Product Update - November 16th, 2020
* Product Update - November 2nd, 2020
* Product Update - October 19th, 2020
* Product Update - September 7th, 2020
* Product Update - August 24th, 2020
* Socket Version 9.0 Release Notes
* Product Update - July 27th, 2020
* Product Update - July 13th, 2020
* Product Update - June 29th, 2020
* Product Update - June 15th, 2020
* Product Update - June 1st, 2020
* Product Update - May 4th, 2020
* Product Update - April 20th, 2020
* Product Update - April 6th, 2020
* Product Update - March 23rd, 2020
* Product Update - March 9th, 2020
* Product Update - February 24th, 2020
* Product Update - February 10th, 2020
* Product Update - January 27th, 2020
* Product Update - January 13th, 2020
* Product Update - December 30th, 2019
* Product Update - December 16th, 2019
* Product Update - December 2nd, 2019
* Product Update - November 18th, 2019
* Product Update - November 3rd, 2019
* Product Update - October 6th, 2019
* Product Update - September 22nd, 2019
* Product Update - September 8th, 2019
* Product Update - August 25th, 2019
* Product Update - August 11th, 2019
* Product Update - July 28th, 2019
* Product Update - July 14th, 2019
* Socket Version 6.0 Release Notes
* Product Update - June 30th, 2019
* Socket Release Notes
* Socket Version 18.0 Release Notes
* Socket Version 17.0 Release Notes
* Socket Version 16.0 Release Notes
* Socket Version 15.0 Release Notes
* Socket Version 14.0 Release Notes
* Socket Version 13.0 Release Notes
* Socket Version 11.0 Release Notes
* Socket Version 10.0 Release Notes
* Socket Version 8.0 Release Notes
* Socket Version 7.1 Release Notes
* Socket Version 7.0 Release Notes
* Cato Security Announcements
* CVE-2022-28199 - NVIDIA DPDK Vulnerability
* CVE-2021-44228: Apache Log4J RCE
* Ransomware: The Kaseya VSA Supply Chain Attack
* CVE-2021-1675 and CVE-2021-34527: PrintNightmare - Windows Print Spooler
RCE
* FAQ - Changes to the Anti-Malware Policy, Trusted Destinations, and TLS
Inspection
* CVE-2021-21972 VMware vCenter RCE
* SolarWinds SUNBURST Malware and the Cato Cloud
* Cato Notifications
* Changes to Sites and Network Rules based on Second PoP Locations in
Tokyo and Osaka (Japan)
* Cato Read-Only API Notification – New Internal Cato ID for SDP Users
* EoS for Linux, iOS and Android Clients Earlier than v5.0
* Cato Management Application Notification: New Always-On Policy
* FAQ - X1700 Socket Hardware Update (X1700B)
* Upgrading to Socket v15 - Troubleshooting Connectivity Issues Related to
Misconfigured Connectivity Settings
* New Audit Trail Item Related to an Update to the Cato Cloud
Infrastructure
* Improved Behavior for MFA Verification Code with SMS
* EoS for Windows and macOS Clients Earlier than v5.0
* Cato Management Application Notification: Update to Deprecated
Applications
* Announcement Regarding End-of-Life (EoL) for Legacy Cato Management
Application
* Notification - Review Non-Ordered Firewall Settings and Activate the New
Firewall
* FAQ - Security Change to the Cato Cloud (May 30, 2021)
* Announcement Regarding End-of-Life (EoL) for Cato Legacy Firewall
* Announcement - Change for Opening Support Tickets in January 2021
<% if (previousArticle || nextArticle) { %>
<% if (previousArticle) { %>
<% if (previousTitle) { %>
<%= PREVIOUSTITLE %>
<% } %> <%= previousArticle.title %>
<% } %> <% if (nextArticle) { %>
<% if (nextTitle) { %>
<%= NEXTTITLE %>
<% } %> <%= nextArticle.title %>
<% } %>
<% } %> <% if (items.length > 1) { %>
CONTENTS
<% items.forEach(function(item, index) { %>
* <%= item.name %>
<% if (item.children.length) { %>
<% item.children.forEach(function(subitem) { %>
* <%= subitem.name %>
<% }) %>
<% } %>
<% }); %>
<% } %>
Follow Us
Read
Cato Blog
Privacy Policy Cato MSA www.catonetworks.com
All rights reserved Cato Networks 2023
CATEGORIES
<% categories.forEach(function(category, index) { %>
* <%= category.name %>
<%= partial('partial-article-list-sections', { id: 'category-' + category.id,
parentId: '#sidebar-navigation', sections: category.sections,
activeCategoryId: activeCategoryId, activeSectionId: activeSectionId,
activeArticleId: activeArticleId, partial: partial }) %>
<% }); %>
<% var maxSections = 5 %>
TOGGLE NAVIGATION MENU
<% var activeSection = sections.filter(function(section) { return section.id
=== activeSectionId; })[0] || null; %> <% var sectionsToDisplay =
activeSection ? sections.filter(function(section) { return
section['category_id'] === activeSection['category_id'] &&
section['parent_section_id'] === activeSection['parent_section_id']; }) : []
%> <% sectionsToDisplay.forEach(function(section, index) { %>
* <%= section.name %>
<% }); %>
* CATEGORIES
CATEGORIES
<% categories.forEach(function(category) { %>
* <%= category.name %>
<% }); %>
<% if (sections.length) { %>
<% sections.forEach(function(section) { %>
* <%= section.name %>
<%= partial('partial-article-list-sections', { id: 'section-' + section.id,
parentId: '#' + id, sections: section.sections, activeCategoryId:
activeCategoryId, activeSectionId: activeSectionId, activeArticleId:
activeArticleId, partial: partial }) %> <% if (section.articles.length) { %>
<% section.articles.forEach(function(article) { %>
* <%= article.title %>
<% }); %>
<% } %>
<% }); %>
<% } %> <% if (sections.length) { %>
<% sections.slice(0, maxSections).forEach(function(section) { %>
* <%= section.name %> <%= partial('partial-section-list-sections', { parent:
section, sections: section.sections, maxSections: maxSections, partial:
partial }) %>
<% }); %> <% if (sections.length > maxSections) { %>
* See more
<% } %>
<% } %>
<% categories.forEach(function(category) { %> <% var isActive = category.id
=== activeCategoryId %>
* <%= category.name %> <% if (category.sections.length) { %>
<% category.sections.forEach(function(section) { %>
* <%= section.name %>
<% }); %>
<% } %>
<% }); %>
<% topLevelSections = sections.filter(function(section) { return
section['category_id'] === activeCategoryId && section['parent_section_id'] ===
null; }); %>
<% topLevelSections.forEach(function(section) { %> <% var isActive =
section.isActive %>
* <%= section.name %> <% if (section.sections.length) { %>
<% section.sections.forEach(function(section) { %>
* <%= section.name %>
<% }); %>
<% } %>
<% }); %>
<% var activeSection = activeSection || sections.filter(function(section) {
return section.id === parseInt(activeSectionId, 10); })[0] || null %> <% if
(activeSection && activeSection.sections.length) { %>
<% activeSection.sections.forEach(function(section) { %>
* <%= section.name %>
<%= partial('section-tree', { sections: sections || [], activeSection:
section, partial, activeSectionId: section.id }) %>
<% }) %>
<% } %> <% if (activeSection && activeSection.articles.length) { %>
<% activeSection.articles.forEach(function(article) { %>
* <%= article.title %>
<% }) %>
<% } %>