Book a FREE consult now

We'd love to give you a full tour of our solutions.

Book a FREE consult

Published on:

September 30, 2024

Layer 7 firewall is supported, for any traffic passed to the Cato Cloud.

The inspection takes place at the ingress PoP, providing full application awareness firewalling, URL filtering, IPS and advanced anti-malware.

LAN Segmentation: Cato NGFW supports the definition of LAN segments as part of the site context.

Cato supports several types of LAN segments:

  • VLANs - VLAN tags are stripped as packets enter the Cato Cloud, then upon reentering the LAN the VLAN tag is re-applied
  • Routed Range - LAN segments that are connected through a router into a Socket
  • Direct Range - LAN segments that are directly connected to the Socket, not via a router, and are different than the site's native range By definition, no traffic is allowed between different segments. Allowing such connections requires the creation of local segmentation rules, enforced by the Cato Socket, or the creation of WAN firewall rules that are enforced by the Cato Cloud with full inspection of the traffic.

Written by:
Henk Jelt Hoving
Book a demo now

We'd love to give you a full tour of our NaaS solutions.

Book a demo now

SASE SD-WAN

Structure of a budgetary internet access quote

Read article

How is a site survey conducted for Internet Access?

Read article

What are the types of Internet Access?

Read article

Can't find the answer?
Ask us directly.

We've build a huge library with all there is to know about IT networks and security. If you're looking for some deep information, than this is the place to be.
Reach out to us

What we promise

Monthly trails & demos
You're always up-2-date
We're here to help, 24/7
We're always down to business
Ask and we'll answer
Seamless site integration
Simple solutions for big problems
Monthly trails & demos
You're always up-2-date
We're here to help, 24/7
We're always down to business
Ask and we'll answer
Seamless site integration
Simple solutions for big problems