Gorodenkoff - stock.adobe.com

Cato boosts network management with SASE cloud API

GraphQL-based API designed to extract security and networking information globally with a single request allows enterprises to automate provisioning and management of SASE deployments from third-party platforms

Just weeks after closing what was the largest funding round in the company’s history, said to demonstrate its leadership in one of 2020’s most dynamic markets, Cato Networks has launched its first application programming interface (API) to a global secure access service edge (SASE) platform.

With the drastic increase in remote working due to the Covid-19 outbreak, SASE has come of age rapidly since the term was first coined by research firm Gartner in August 2019, when it published its paper The future of network security is in the cloud, detailing how SASE is the natural evolution of two trends: network as a service and network security as a service.

SASE offerings have the potential to upend traditional networking and security. A summer 2020 investigation into the attitudes of IT leaders in the post-Covid-19 environment found that, despite the emergence and rapid take-up of software-defined wide-area networking (SD-WAN), 55% of organisations favour the emerging single cloud service model of SASE, which converges SD-WAN features with cloud-based security services for remote workers and devices.

Cato sees SASE as a multibillion-dollar market that will become increasingly competitive, and said it is expanding its ability to build out SASE services and go-to-market capabilities. Five years ago, Cato reimagined enterprise infrastructure by connecting and securing all edges – remote users, offices, and cloud resources – in a single, global, cloud-native platform.

Cato said the approach taken at that time has afforded its customers to have added visibility into their infrastructures and gain agility in the face of change. Buoyed with its added investment, Cato said that the company will further strengthen its financial position and accelerate its SASE market and technology expansion strategy.

With the Cato Cloud API, it said enterprises and managed service providers (MSPs) can automatically provision new sites and policies, and monitor Cato network analytics and security events from security information and event management (SIEM) and other third-party platforms.

With one API for security and networking, Cato said that it is simplifying management and monitoring automation of the complete network and security stack. MSPs and enterprises will be able to use the API to automatically provision and manage Cato deployments through their existing SIEMs and management platforms, such as Kibana, ServiceNow, ScienceLogic and Splunk.

In addition to being able to automate routine site and user configurations, they will also be able to programmatically respond to new events, such as instantiating updated security policies to block threats.

The Cloud API also brings programmatic monitoring and configurability to the visibility and control provided by the existing management application. With the API, Cato said that it is also exposing to third-party platforms all of the same granular networking and security events’ data, already correlated with a common context for easy analysis. Security and networking event data are held in the same format and structure, saving development cycles typically spent normalising data for analysis.

The API uses GraphQL and interfaces to the entire Cato Cloud, not to just one location. The result, said the company, is replacing what would have been hundreds of third-party API calls with a single Cato Cloud request.

“As Cato is being deployed in complex, global IT environments, the need for sophisticated monitoring and automation is paramount,” said Cato co-founder, president and COO, Gur Shatz. “The API is critical for these organisations to manage Cato deployments in the context of their existing tools and platforms.”

MSP CDW is among the first to deploy the API, integrating it into a number of management solutions to enable deeper visibility into the circuits of a managed service client.

“With just one Cato API call, we were able to replace tens of API calls from other vendors,” said Mark Hurley, product manager of enterprise networking services research and design at CDW.

“The Cato Cloud API allowed CDW to easily integrate into ServiceNow and monitor customer circuits with greater visibility while also providing latency monitoring.”

Read more about SASE

  • After the best part of two decades of gradual change in the world of the networking infrastructure, Wi-Fi and mobile notwithstanding, the past few years have seen more upheaval than at any time – here is a guide to picking your way through the SASE minefield.
  • A cloud-based distributed architecture, centralised management and endpoint-specific security policies are just some of the benefits of secure access service edge.
  • The hype around SASE is palpable. But by taking a step back, security leaders can align an emerging trend to their long-term goals.

Read more on Software-defined networking (SDN)