Cato Networks Adds Malware Detection to SD-WAN
Cato Networks today extended the reach of its software-defined wide area network (SD-WAN) service into the realm of cybersecurity.
Cato Cloud has added a Cato Threat Hunting System (CTHS) capability that IT organizations can use to identify which endpoints attached to the SD-WAN service are potentially compromised. That data can then be used to quarantine endpoints attached to the Cato network.
IT organizations could start sharing the malware data they collect with third-party IT security products and services, says Dave Greenfield, secure networking evangelist for Cato Networks. Those organizations in theory could use that data to deliver a "hot patch" to remediate a vulnerability that is being actively exploited.
CTHS leverages machine-learning algorithms infused into a cloud service to identify threats across an extended SDN that is shared by multiple customers. Each customer is allocated its own amount of dedicated WAN bandwidth, centrally managed via a console that Cato Networks exposes to network administrators.
"We're a global SDN layered on top of a WAN backbone," says Greenfield.
All the traffic travelling across that network winds up being a rich data source for hunting cybersecurity threats, says Greenfield.
It remains to be seen to what degree SD-WANs and cybersecurity might converge in the months and years ahead. But as SD-WAN traffic moves over a common WAN backbone, enough data is being centralized to make it feasible to apply machine-learning algorithms to identify malware in real time. The next big issue will be how to turn that information into actionable intelligence that can be applied automatically, ideally to remediate an issue before it becomes a problem. But where that ounce of prevention cannot be applied, the next best thing is to mitigate the risk by isolating the compromised endpoint before malware gets a chance to move laterally across an extended enterprise network.