Cato Networks. Network Security as a Service

Similar documents
Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Cato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.

How to Re-evaluateYour MPLS Service Provider

Switching Firewall Vendors? Drop the Box!

Takes 3-6 Months to Deploy. MPLS connections take 3-6 months to be up and running in some remote locations. Incurs Significantly High Costs

Business Strategy Theatre

MPLS, SD-WAN, and the Promise of SD-WAN as a Service

Transform your network and your customer experience. Introducing SD-WAN Concierge

Future of the Enterprise WAN: Too Complex to Ignore?

PROTECT WORKLOADS IN THE HYBRID CLOUD

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

Deploying Cisco SD-WAN on AWS

Transform your network and your customer experience. Introducing SD-WAN Concierge

Simplifying the Branch Network

WHITE PAPER. Applying Software-Defined Security to the Branch Office

VeloCloud Cloud-Delivered WAN Fast. Simple. Secure. KUHN CONSULTING GmbH

Reaping the Full Benefits of a Hybrid Network

Speed Your Digital Transformation. How to Build the Enterprise Digital Technology Platform. Mark Casey, President & CEO, Apcela November 2, 2016

90 % of WAN decision makers cite their

Extending Enterprise Security to Multicloud and Public Cloud

Mitigating Branch Office Risks with SD-WAN

What To Ask Your SD-WAN Vendor

Hybrid Network present & future

Dynamic WAN Selection

The Essential Guide to Preparing Your Network for the Cloud. How to meet your network requirements at every step of your cloud transformation.

Ensuring a Consistent Security Perimeter with CloudGenix AppFabric

Cloud Controlled Network for Service Providers

1 The intersection of IAM and the cloud

Delivering the Wireless Software-Defined Branch

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

Network. Arcstar Universal One

Innovative Solutions. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Solutions. Technology Brief

The Top 10 Reasons to Replace Your Branch Router with SD-WAN. An ebook presented by Silver Peak Systems

Juniper SD-WAN Alexandre Cezar Consulting Systems Engineer, Security/Cloud

Deliver Office 365 Without Compromise Ensure successful deployment and ongoing manageability of Office 365 and other SaaS apps

SD-WAN Solution How to Make the Best Choice for Your Business

Why the Cloud is the Network

Resilient WAN and Security for Distributed Networks with Cisco Meraki MX

How SD-WAN will Transform the Network. And lead to innovative, profitable business outcomes

Move, manage, and run SAP applications in the cloud. SAP-Certified Infrastructure from IBM Cloud

Global IP Network (GIN) Connects You to the World

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

VMware Hybrid Cloud Solution

The Next Generation Security Platform. Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy

SECURE HYBRID CLOUD Solution

NETWORK AND SD-VPN. Meshing legacy and Cloud Service Providers

JURUMANI MERAKI CLOUD MANAGED SECURITY & SD-WAN

Faster, Better, and Cheaper? Building the SD-WAN Business Case

Deliver Office 365 Without Compromise

Unity EdgeConnect SP SD-WAN Solution

Voice of the Customer First American Title SD-WAN Transformation

Data Mega Solusi. Company Profile

Evolution of connectivity in the era of cloud

Scaling Large and Multinational Enterprise SD-WAN Deployments

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

SD-WAN. The CIO s guide to. Why it s time for a new kind of network

Citrix Workspace. Lausanne Laurent Strauss Christophe Beaugrand

SD-WAN. Bringing Scale, Agility and Robustness to Enterprise Networks

Security Landscape Thorsten Stoeterau Security Systems Engineer - Barracuda Networks

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Building Infrastructure for Private Clouds Cloud InterOp 2014"

Data center interconnect for the enterprise hybrid cloud

Cisco SD-WAN. Intent-based networking for the branch and WAN. Carlos Infante PSS EN Spain March 2018

Cloud Connect. Gain highly secure, performance-optimized access to third-party public and private cloud providers

Vodafone keynote. How smart networks are changing the corporate WAN. Peter Terry Brown Director of Connectivity & UC.

Oracle IaaS, a modern felhő infrastruktúra

SteelConnect. The Future of Networking is here. It s Application- Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Lessons Learned from SD-WAN Deployments on Six Continents. 21 September 2016 Tim Sullivan Co-founder & CEO

How To Deliver Faster In-branch Applications While Offloading The Enterprise Network

NTT Com Press Conference March 1, 2016 #enterprisecloud

Intelligent WAN: Leveraging the Internet Secure WAN Transport and Internet Access

Safeguard Application Uptime and Consistent Performance

Veeam and Azure Better together. Martin Beran Senior Systems Engineer; Czechia/Slovakia/Hungary

Citrix CloudBridge Product Overview

A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management

Mark Webb-Johnson CTO, Network Box Corporation Ltd. January

HARNESSING THE HYBRID CLOUD TO DRIVE GREATER BUSINESS AGILITY

Achieving Agility with Cloud UC Success Depends on Evolving the Network

MASERGY S MANAGED SD-WAN

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Benefits of SD-WAN to the Distributed Enterprise

What is SD WAN and should I know or care about it? Ken LaMere Ecessa

Integrating Riverbed SD-WAN with Palo Alto Networks GlobalProtect Cloud Service

Oktober 2018 Dell Tech. Forum München

SD-WAN 101. November 3 rd 2016 Rob McBride Marketing

Cloud-Ready WAN For IAAS & SaaS With Cisco s Next- Gen SD-WAN

SD-WAN / Hybrid WAN : Leveraging SDN-NFV for Networks Agility

CenturyLink for Microsoft

Extending Enterprise Security to Public and Hybrid Clouds

Agenda. This Session: Azure Networking Basics, On-prem connectivity options DEMO Create VNET/Gateway Cost-estimation for VNET/Gateways

Network Automation and Branch Agility The Network Helps Enable Digital Business. Rajinder Singh Product Sales Specialist June 2016

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Total Threat Protection. Whitepaper

Connectivity to Cloud-First Applications

Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN

C O M P E T E A T Y O U R P E A K

SD-WAN AND BEYOND: DELIVERING VIRTUAL NETWORK SERVICES

INNOVATIVE SD-WAN TECHNOLOGY

How Smart Networks are changing the Corporate WAN

Transcription:

Cato s Security as a Service

SHLOMO KRAMER, CEO Founder: Check Point (CHKP), Imperva (IMPV) Investor: Palo Alto s (PANW), Trusteer, GUR SHATZ, CTO VP R&D, PM: Imperva (IMPV) Founder: Incapsula (Imperva company) GLENN ESPOSITO, VP SALES (AMERICAS) VP Sales (Americas), Barracuda (CUDA) YISHAY YOVEL, VP MARKETING VP Marketing: Trusteer Sr. Director, Product Marketing: Imperva (IMPV) AVIRAM KATZENSTEIN, VP OPERATIONS Sr. Director, R&D Operations: Imperva (IMPV) Team Core Competency: Building and delivering mission critical, global scale networking and security platforms

ing and Security are Incompatible with the Shape of the Business Security Appliance Wide Area (WAN) Cloud Data Center (IaaS) Locations Users Locations Users Cloud Apps (SaaS) Data Center Made for this Not for this Data Center Mobile Users Clear Perimeter Dissolving Perimeter 3

Enterprises Pay the Price of Incompatibility Cloud Data Centers (IaaS) Cloud Apps (SaaS) and Public Internet (WWW) Point Solutions, Split Policy Bypass Security Mobile Users Appliance Sprawl High Latency Mesh Expensive MPLS Backhaul No Direct Internet Access Remote HQ / Data Center Remote 4

The WAN is Incompatible Cost, Speed, Cloud & Mobility Expensive Connectivity MPLS cost premium shrinks as Internet quality improves Security Appliances are Incompatible Budgets, Resources, Threat Landscape Costly Appliance Life Cycle Buy, Install, Configure, Repair, Upgrade, Renew, Retire Long Time to Deploy Painfully long MPLS rollout to new locations Capacity Constrained Too big or too small, you pay for It all Internet Traffic is Exploding Backhauling is wasteful and impacts user experience Location Bound and Rigid Partial coverage for locations and data access paths Insecure by Design Bolt-on security needed for Direct Internet Access Dependent on Skilled Staff Scarce expertise and staff overload Cloud and Mobile are Neglected WAN slow to evolve beyond branches Slow to Evolve and Adapt Painful patches and upgrades, falls behind the threat landscape 5

Cato presents: Security as a Service

Cato s Vision ing and Security must move to the Cloud Because they are too costly to own and too risky and complex to manage Cato Takes Stuff Off Your Plate 7

Security is Simple Again Cato Cloud Cato Security Services Security Policy One : Carrying WAN & Internet traffic One Security: Built into the network One Policy: All users, locations, resources HQ Datacenter es Cloud Infrastructure Mobile Users 8

One Cato Cloud Security Routing Reliability Optimization Encryption Global, SLA-backed, low latency, WAN backbone of physical Cato PoPs Secure Tunnels Overlay: FW IPSEC, Cato Socket (), Cato vsocket (Cloud), Cato Client (Mobile VPN) Cato Socket Cato vsocket Cato Client Secure and Optimized SD-WAN augments MPLS links, eliminates internet backhaul w/ secure, direct internet access MPLS HQ / Data Center Cloud Data Center Mobile Users 9

One Security Cato Cloud NG Firewall App Control URL Filtering Security Cloud Access Control Forensics Infection Prevention Routing Reliability Optimization Encryption Extrusion Prevention Enterprise grade security available everywhere (LOCAL secure Internet exit) Elastic and Agile: scale up, seamlessly updated Cloud traffic visibility accelerates defense adaptation Cato Socket Cato vsocket Cato Client HQ / Data Center Cloud Data Center Mobile Users 10

One Policy Cato Cloud NG Firewall App Control URL Filtering Security Cloud Access Control Forensics Infection Prevention Routing Reliability Optimization Encryption Extrusion Prevention Unified policy across all users, locations and access to both internal and Cloud apps/data Managed service by Cato and Partners with Full Enterprise IT supervision Cato Socket Cato vsocket Cato Client HQ / Data Center Cloud Data Center Mobile Users Cato NOC/SOC, MSP Partners, Enterprise IT 11

Customer Case Study Firewall Elimination & Direct Internet Access Before Cato Manufacturing, 4 locations, National Firewall Data Center UTM FWs, Site-to-Site Mesh Mobile VPN Drivers Firewall Firewall Mobile user UTMs refresh, subscription renewal Firewall Distributed UTM management complexity Cato Solution Phase 1: Split Internet traffic to Cato Sockets (side by side with UTMs) Security Phase 2: Replace UTMs with Cato Sockets (take over WAN) Data Center Mobile user 12

Customer Case Study Firewall Elimination, Low-latency WAN, Cloud DC Integration Before Cato (30) IPSEC Tunnel FW Appliance Global Manufacturer, 36 locations, FW at each site Backhaul to SAP ERP in Datacenter Driver Migrate to SAP Hana Enterprise Cloud (HEC) WAN backhaul no longer viable Cato provides global WAN with full mesh for SAP HEC Connect all locations to Cato with Firewall IPSEC tunnels IPSEC from FW (Azure Edition) Connect 3 Clouds datacenters (AWS, Azure, SAP) Provide low-latency global connectivity across all elements 4 sites replaced FW appliances with Cato Sockets Next: continuous firewall elimination (4) Cato Socket (FW replacement) IPSEC Tunnels To SAP HEC Cato vsocket (Gateway for AWS-to-SAP Traffic) 13

Where Do You Want To Start? Cato Use Cases Cato Cloud Appliance Elimination (Firewall, UTM, ) NG Firewall App Control URL Filtering Security Cloud Access Control Forensics Infection Prevention Extrusion Prevention Direct Internet Access, No Appliances Routing Reliability Optimization Encryption Secure SD-WAN Low-Latency Global WAN Cato Socket Cato vsocket Cato Client Hybrid Cloud Integration HQ / Data Center Cloud Data Center Mobile Users Policy Management Mobile Workforce, Secure Cloud Access Summary 14

#1: Appliance Elimination Stop Appliance Sprawl Appliance sprawl in branch offices too costly and complex to maintain and manage? Cato secures WAN and Internet traffic from Offices Eliminates UTM, NGFW and WAN optimization appliances Centralized policy enforcement HQ / Data Center Full Mesh in the Cloud, no point-to-point VPN Security tunnels configurations HQ / Data Center 15

#2: Direct Internet Access Eliminate backhaul and securely access the Internet directly from the MPLS backhaul overloaded by Internet traffic? Backhauling Office 365, Box, Cloud ERP/CRM traffic over expensive MPLS capacity MPLS Internet access isn't secure HQ / Data Center Cato provides secure direct Internet access for branches Offload Internet-traffic from MPLS links Cloud-based security stack, eliminates the need to deploy UTM/NGFW appliances in the office Security MPLS Cato Secure Internet MPLS/Internet Split HQ / Data Center 16

Customer Case Study Direct Internet Access Before Cato Manufacturing, 3 Offices, US Southwest MPLS backhauling to an on-premise ERP MPLS Data Center with On-premise ERP MPLS Driver ERP Backhaul Migration to Cloud-based ERP Cloud ERP Cato enables Direct Internet Access to All Locations Cato Socket tunnels Internet traffic to Cato Cloud Security Cato Cloud provides visibility and control for Cloud-based ERP and Public Internet Access MPLS MPLS Data Center ERP Direct Internet Access 17

#3: Secure and Optimized SD-WAN Augment/Replace MPLS s with Secure Internet Connectivity Need more bandwidth for branches but cant afford to pay for MPLS upgrades? Cato provides MPLS offload with security and optimization benefits HQ / Data Center MPLS Split Internet and selected WAN traffic to Cato Cloud Resilient last mile connectivity to Cato: Cato Socket uses dual Internet links, 4G/LTE failover, protocol optimizations Unique: Low-latency WAN connectivity: Cato Cloud provides optimal routing vs. Public Internet Unique: Direct Secure Internet Access, with no backhaul Cato Low- Latency WAN Security MPLS Cato Direct Internet Access MPLS/ Internet Split Unique: Cloud datacenter and Mobile User WAN integration HQ / Data Center 18

#4: Low-latency WAN Connect your locations using the Cato Cloud High latency branch-to-datacenter connectivity over the Internet? HQ / Data Center Connect your Locations using Cato Cloud MPLS-like Latency for the long haul Security Last Mile and Middle Mile Optimizations Multiple Tier-1 carriers, Dynamic Path Selection Forward Error Correction, TCP Proxy HQ / Data Center 19

#5: Hybrid Cloud Integration Unified policy across hybrid datacenters Split Cloud and Physical Datacenter Security Policy? Datacenter firewall rules Amazon security groups Physical Data Center Split Policy Admins, Users Cloud Data Center Cato provides Unified Policy for All Datacenters Securely connect Physical and Cloud Datacenter Unified policy across locations Security Unified Policy Physical Data Center Admins, Users Cloud Data Center 20

#6: Mobile Workforce Secure Cloud and Internet Access Full Visibility and Control for Mobile Users accessing Cloud and Internet sites Mobile users unprotected by going directly to the Internet? Without corporate network security stack, users are at risk from phishing and malicious sites Cloud access control is not enforced Mobile Users Cato protects mobile users everywhere, enforces corporate policy Connects mobile users to On-premise and Cloud resources Security Protect mobile internet access everywhere Reduce SaaS credential theft impact with Cato IP range restriction Mobile Users 21

Summary: Benefits of the Cato Architecture Low Latency, Affordable Office Simplification Mobile and Cloud Secure Integration MPLS-like latency for global connectivity SLA-backed Cato Cloud, better than public internet VPN tunnels Eliminates branch firewalls, UTMs, WAN optimization, URL filtering Direct Internet Access, Eliminates backhauling of Internet traffic Connects mobile users and Cloud resources to the Enterprise WAN Reduce point solutions and split policies 22

Backup Slides

Cato s Phased Deployment (Example) 1 Connect remote branch to the Internet with Firewall: VPN tunnel to Cato Cloud with MPLS Backhaul: Using Cato Socket 2 Connect datacenter for WAN access with Firewall: WAN access, firewall elimination with MPLS Backhaul: Cato SD-WAN 3 Connect mobile users, cloud datacenter Access Internet or WAN resources VPN MPLS Cato Socket Cato vsocket Cato Client Remote HQ / Datacenter Remote Cloud Data Centers (IaaS) Mobile Users 25

Expensive Capacity, Single Provider Massive Capacity, Low Prices Agile, Elastic Software Cloud Managed Services Shared Resources MPLS Backbone VS. Hardware OLD NEW Internet Backbone Custom, Rigid Products & People Own and Hire

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback