Secure Access Service Edge (SASE) provider Cato Networks recently announced the first SASE-native LAN NGFW, which will eliminate the need for firewall patching and close security gaps left by disparate firewalls.
Manual patching might become a thing of the past
This new solution allows Cato to converge all firewall engines for seamless management and deep visibility from the cloud into the LAN. Native to the Cato SASE Cloud Platform, the Cato LAN NGFW doesn’t require additional hardware and is fully self-updating and self-maintaining, which will eliminate the manual patching and emergency fixes.
Cato LAN NGFW enables Layer 7, application-aware controls for local LAN segmentation while ensuring centralized policy enforcement. Cato simplifies policy management and delivers consistent enforcement with a security engine that achieved “near-perfect” protection on an independent security efficacy test from Frost & Sullivan by converging all firewalls, including internet, site-to-site, and firewalls within the LAN.
Among the features of the new solution include:
- Meeting compliance requirements for localized traffic control: Security policies can be enforced locally, which allows organizations to comply with regulations that mandate LAN traffic isolation.
- Transitioning from legacy LAN firewalls: The solution allows for the elimination of costly, resource-intensive standalone LAN firewalls while gaining application-aware segmentation and centralized policy enforcement.
- Simplified security for distributed environments: Provide consistent, application-aware security across multiple locations without needing additional on-premises firewalls to ensure zero trust enforcement across all locations.
- Secure east-west traffic with microsegmentation to reduce risk: Minimize lateral movement of threats with granular, application-aware segmentation policies for RDP, SSH, and SMB traffic aligning with NIST 800-207 zero trust principles.
“Patching is a costly, time-consuming nightmare– a ticking time bomb if delayed. Legacy firewall appliance vendors experience over 20 high and critical vulnerabilities in a single year, which means that IT has no choice but to drop everything and act quickly before it’s too late,” said Ofir Agasi, vice president of product management at Cato Networks. “The Cato LAN NGFW flips the script, delivering always-up-to-date protection without the patching chaos of firewall appliances.
Cato Networks cites the 2024 Verizon Data Breach Investigations Report (DBIR), which found that organizations take an average of 55 days to remediate 50 percent of critical vulnerabilities. This window provides threat actors with a significant opportunity and increases enterprises’ risk of cybersecurity breaches. The Cato LAN NGFW works to close this 55-day patch gap.
Cato Networks expands SASE platform
Recently, Cato Networks added a new IoT/OT security solution to its cloud platform.
The Cato IoT/OT Security solution was the company’s fourth major platform expansion in 2024, following the Cato DEM in October 2024 and the Cato XDR and Cato EPP in January 2024.
The IoT/OT security solution will be a native capability in the cloud platform and allow enterprises to instantly activate the new solution with the click of a button.
Former Cato Networks Global Channel Chief Frank Rauch said at the time that this solution was developed to meet partner feedback on the desire for an integrated platform.
“We’re going down a platform-driven path that basically adds security features there. We’re also heavily relying on AI and machine learning to be able to make the security environment better,” said Rauch. “At the same time, we’re helping partners by giving them the most current enablement and we’re giving them the ability to set up professional services labs, do test drives, proof of concepts with customers, etc. We’re really looking at our partner program right now to be able to align all of this, and that’s what you’re going to see in the first quarter.”
MSPs and their clients are starting to wonder if cloud is becoming too expensive to justify and very complicated to maintain. Read more about optimizing the cloud and saving costs by enabling SMBs with cloud technology.