As a valued customer, you will have read-only access to the Cato Management Application (CMA). This will streamline operation and communication when working with our Technical Operations Center (TOC). This is a managed product, so please contact the US Signal TOC regarding the use and configuration of features.

Please note, the CMA is accessible from anywhere on the internet. To align with security best practices, it is recommended that you configure your CMA account to utilize the Multi-Factor Authentication (MFA) feature provided.

The US Signal TOC can be reached at 888-663-1700, 24 hours a day, 365 days a year.

Accessing the Cato Management Application: 

• You will receive an email from Cato to activate and complete the configuration of your account. The activation email will also include the URL for the Cato Management Application portal. Either bookmark or take note of this URL.
• Once configured, you can access the Cato Management Application (CMA) from the provided URL.

• Upon successful authentication, you will be logged into the Monitoring dashboard of the CMA. From the dashboard, you can freely navigate to view settings and security policies. Any questions or requests can be directed to the US Signal TOC.

Navigating the Cato Management Application: 

Once logged in, you will see the following tabs at the top of the web page. Each tab provides access to various features within your SASE solution:

• Monitoring: The Monitoring page provides overviews of Network Topology, Sites. Remote User, as well as App Analytics, Event logs and Audit Trails, and any potential Threats on your network. There is also a Best Practice analyzer that provides suggestions on features that can be used to secure your network.
• Network: View active sites and their configurations, Network Rules, Remote Port Forwarding rules, IP Allocation, and other account wide and Site level network configurations.
• Access: View Remote User accounts created and connected to your SDWAN, along with Authentication and Access Control Settings.
• Security: View the configuration of the Internet and WAN Firewall, and the configuration of advance security features such as IPS, Next-Gen Antimalware, Remote Browser Isolation and more.
• Assets: View custom Groups, Apps, and Categories, along with System Categories defined by Cato. Catalogs for Apps, Threats and Indications managed by Cato.
• Administration: View administrative settings including Administrator Accounts, Roles and Permissions, Email Notifications, Licensing, Socket Inventory, and other advance configurations.

Key Features Secure Access Service Edge: 

Secure Access Service Edge (SASE) combines the connectivity of SD-WAN and the All-in-one security platform of Security Service Edge (SSE) for managing Network and Security needs in a single management platform. US Signal has Partnered with Cato Networks to provide a best-in-class SASE solution. With SD-WAN providing secure connectivity over Direct Internet Access, Broadband, or even Wireless Internet solutions, reducing the cost of connectivity between your offices or locations. SSE provides features such as FWaaS, SWG, Next-Gen Anti Malware, IPS, Remote Browser Isolation, CASB and DLP to secure your network from all threats, current or new.

SD-WAN

• Securely and automatically connect offices and remote users.
• Ease the burden of Network Administrators
• Managed by the USS TOC

FWaaS

• Firewall as a Service. Allows you to filter unwanted traffic destined for the internet.
• Allows you to implement Zero-Trust Network Access (ZTNA) by limiting what employees or devices have access to.
• Manage your firewalling policies for all sites from a single platform.

SWG

• Secure Web Gateway – Provides application filtering.
• Filter traffic on your Internet and WAN firewalls by Application. Ensuring that no unwanted applications can either reach the internet or access internal resources.

Next-Gen Anti Malware and Intrusion Prevention

• Also known as Threat Prevention
• Detect and Block malicious traffic and infected files in transit.

Remote Browser Isolation

• Remotely process and execute Web-Browser based scripts and programs for any suspicious websites.
• The webpage is then “streamed” to the endpoint while any malicious programs are safely executed and blocked at a Cato Point-of-Presence.

CASB

• Cloud Access Security Broker – Monitor and enforce security policies for cloud-based services.

CATO SDP Client

The Cato SDP Client is an agent-based VPN solution allowing employees to connect to the closest Cato PoP anywhere in the world and access both internal and cloud based resources. The Cato SDP client can also intergrate with several Identity Providers to make the login process both secure and seamless.

Software and Firmware Upgrades

By default, the maintenance window for software and firmware updates for your SDWAN hardware is from 1-3 AM on Sunday’s. When Cato releases updates for Sockets, it will be pushed out only during this maintenance window. The maintenance window is a configurable option and can be set at any time. To modify the maintenance window please contact the TOC at 888-663-1700.

Best Practices and Tips: 

The Cato Management Application has a built-in Best Practice Analyzer. For an overview of where to find and how to use this tool see the following Support Article: https://support.catonetworks.com/hc/en-us/articles/12801879707037-Reviewing-Best-Practices-for-Your-Account

To view the status of all Cato services (Event Discovery, Events Feed API, Cato Management Application, Cato Client) and Points-of-Presence: https://status.catonetworks.com/