Cato Networks this week announced a new policy analysis engine for its cloud-based secure access service edge platform that the company says will optimize and improve SASE policies, reduce risk, simplify compliance, and reduce manual maintenance efforts.
Cato Autonomous Policies is built into the Cato SASE Cloud Platform and can provide enterprises with AI-driven recommendations to eliminate security exposure, tighten access controls, and improve network performance. The first use case of the policy engine is designed for firewall as a service (FWaaS) environments in which “firewall rule bloat” is present, Cato explained in a statement. The bloat comes from organizations accumulating thousands of rules that were designed to protect the environment, but after becoming outdated or misconfigured, actually lead to increased risk.
“Most enterprises rely on a mix of firewalls deployed in data centers, branch offices, and cloud environments. Over time, rule sets grow, become inconsistent, and are filled with redundant, outdated, or conflicting entries,” wrote Demetris Booth, product marketing director at Cato Networks, in a blog post on the product news. “As a result, security policies become hard to manage, even harder to audit, and often misaligned with zero-trust principles. AI-driven firewall policy management is necessary for modern enterprises to streamline and optimize security operations.”
Cato Autonomous Policies for FWaaS uses AI and real-time analytics to streamline firewall policy management across an enterprise’s entire environment. It automatically detects redundant, misaligned, or “risky” rules, and recommends changes to improve enforcement, according to Booth. It also continuously monitors policy configurations to enforce least privilege access, and it identifies violations, providing guidance on how to remediate the problem and align policies with compliance regulations.
Cato Networks says this capability will help security leaders transition from reactively defending their environments to proactively protecting them. With Cato Autonomous Policies for FWaaS, security leaders can improve security operations by reducing risks and costs, optimizing security tasks, and ensuring compliance.
“For years, IT leaders have chased the dream of autonomous networking and security—only to hit a wall of complexity,” said Ofir Agasi, vice president of product management at Cato Networks, in a statement. “With Cato Autonomous Policies, we finally cross into that threshold. Cato automatically transforms complex networking and security policy sets into optimized rules.”
Cato SASE Cloud Platform runs on a private global backbone of more than 90+ points of presence (PoP) connected via multiple SLA-backed network providers. The PoPs software continuously monitors the providers for latency, packet loss, and jitter to determine in real-time the best route for every packet. Cato applies optimization and acceleration to all traffic going through the backbone to enhance application performance and the user experience. To ensure all locations benefit, Cato optimizes traffic from all the edges and toward all destinations, on-premises and in the cloud.
Cato Autonomous Policies is generally available now, included as a native capability in the Cato SASE Cloud Platform.
Source:: Network World