Secure Access Service Edge (SASE) merges the functions of network and security point solutions into a unified, global cloud-native service. It enables IT to provide a holistic, agile and adaptable service to the digital business across multiple IT domains.

Solving emerging business challenges with point solutions leads to technical silos that are complex and costly to own and manage. Complexity slows down IT and its response to business needs.

SASE provides a new networking and security platform with many key capabilities:

Authentication – Upon connection of an edge, dynamic risk assessment and context awareness, drives activation of multi-factor authentication.

Access – to key applications and services is controlled by application and user-aware next generation firewall policies. In addition, a zero-trust network access model ensures users can only access authorised applications without gaining general network access.

Prioritisation – Application identification assigns priority to the traffic to optimise loss-sensitive applications like Voice over IP (VOIP) and virtual desktop access (VDI) over other traffic such as general Internet browsing.

Decryption – To enable deep packet inspection, encrypted traffic can be decrypted once to allow multiple threat prevention engines to process the traffic.

Threat Prevention – Multiple security engines parse the traffic to detect risky access. These include secure web gateways that look for malicious web sites, anti-malware to prevent download of malicious files, IPS to stop inbound and outbound anomalous connections that are indicative of bot activity and more.

Data Loss Prevention – SASE applies specific data loss prevention rules to detect sensitive data in the network flows and stop it from leaving the network. Similarly, a cloud access service broker (CASB) can enforce granular access control to cloud applications.

Why Do Customers Choose CATO Networks?

Cato are a global cloud-native carrier. Their platform connects all data centres, branches, mobile users and cloud resources into a global, optimised, secure, managed SD-WAN service.

All WAN and Internet traffic is protected by a comprehensive suite of security services, updated and managed by dedicated security experts.

Replacing MPLS and multiple networking and security point solutions with Cato Cloud forms a network so agile and efficient it can meet today’s – and tomorrow’s – business requirements.

Cato Networks Offers the World’s Most Advanced SASE Architecture


Cato automatically determines the identity or the resource connecting to the Cato Cloud regardless of location. The identity is attached to the flow and is used, together with other context elements, to trigger multi-factor authentication, drive application-level access control policies, determine network quality of service and continuously assess the data risk associated with the flow.

Cloud Native Traffic Processing

Cato developed the Cato cloud from scratch as a cloud-native service. It uses a “single pass engine” to process all traffic from the packet level up and provide optimisation and security. Cato does not use purpose-built appliances or virtual machines and is therefore able to provide customers with the scalability, self-service and agility of cloud providers.

Securely Connects Edges

Physical locations, mobile users on any device, cloud data centres and applications use Cato edge solutions to plug into the Cato Cloud. Physical locations use an edge SD-WAN device (Cato Socket), a VPN client application or web browser is offered for mobile devices and IPsec tunnels connect cloud resources to the Cato Cloud. Regardless of edge, Cato’s full set of networking and security capabilities is readily available from the nearest Cato Point of Presence (PoP).

Globally Distributed network of PoPs

Cato Cloud spans over 47+ PoPs from which the full capabilities of the service are delivered. All of Cato’s PoPs are interconnected by multiple tier-1 carriers, forming a global private backbone that optimises WAN and cloud traffic. The PoP software applies deep packet inspection to secure the traffic against multiple threats as it flows through the Cato Cloud.


Use the form below to contact us for more information – we’re happy to help.