Next-Generation Anti-Malware (NGAM)

Network-based Next-Generation Anti-Malware (NGAM) protects organizations from malware in real-time as files are transmitted across the Internet or corporate WAN. Malware is identified with advanced heuristics and highly-trained machine-learning algorithms.

Threat Prevention Event Anti-Malware Policy TLS Inspection

Cato NGAM Capabilities

Real-Time Protection from Zero-Day Malware

Cato’s NGAM detects zero-day and polymorphic malware in real-time. In partnership with SentinelOne, a machine learning algorithm maps connections between thousands of data points to return a verdict of benign, suspicious, or malicious. Real-time zero-day malware protection eliminates the dependency on legacy sandboxing solutions that overburden IT teams and hurt the user experience.

Threat Prevention Event

Granular Policy and Simple Exception Controls

Policies are simple to manage, and administrators can define allow, and block actions based on context such as Internet or WAN destinations, source (user, IP address, Host), application, and more. Scanning exceptions can be specific or apply to the entire account. With Cato’s NGAM organizations can adopt a stricter security approach while maintaining the agility to meet business needs with policy changes taking effect globally in just minutes.

Anti-Malware Policy

Complete Anti-Malware Protection With TLS Inspection

More than 90% of web traffic is encrypted and enterprises must inspect it for threats. Cato’s SASE Cloud performs TLS inspection at scale, eliminating the need to size and scale legacy security appliances. Inspection policies can be granularly applied, allowing organizations to inspect as much traffic as desired. Enabling TLS inspection has no impact on performance and allows Cato’s NGAM complete visibility to detect and block malware across all traffic.

TLS Inspection

Protection for Nested Archives and Encrypted Files

Cato’s NGAM supports multiple file types and can scan multiple levels within nested archive files. Archive files are held until the engine confirms that the entire contents of the files are free from malware. Encrypted and password-protected files cannot be scanned but can be blocked by policy rules. These features help secure organizations by addressing one of the techniques used by threat actors to bypass security engines.

Threat Prevention Event

Always Up-To-Date Protection

Cato’s NGAM scans every file at wire speed, continuously evaluating the files against a signature and heuristics database that is continuously updated and optimized by Cato. Customers can replace the anti-malware engine of traditional firewalls and UTMs, ensuring that all files are evaluated against a comprehensive and up-to-date malware prevention database without the constraints of fixed appliance resources.

Threat Catalog - Anti Malware

Next Generation Anti-Malware Demo Video

Cato’s Next-Generation Anti-Malware provides consistent, global protection against both known and zero-day threats, actively analyzing file content and delivering a verdict in typically under a millisecond.

The Strategic Benefits of a True SASE Platform

Architected from the ground up as a true cloud-native SASE platform, all Cato’s security capabilities, today and in the future, leverage the global distribution, massive scalability, advanced resiliency, autonomous life cycle management, and consistent management model of the Cato platform.

Consistent Policy Enforcement

Cato extends all security capabilities globally to deliver consistent policy enforcement everywhere and to everyone, from the largest datacenters down to a single user device.

Scalable and Resilient Protection

Cato scales to inspect multi-gig traffic streams with full TLS decryption and across all security capabilities, and can automatically recover from service component failures to ensure continuous security protection.

Autonomous Life Cycle Management

Cato ensures the SASE cloud platform maintains optimal security posture, 99.999% service availability, and low-latency security processing for all users and locations, without any customer involvement.

Single Pane of Glass

Cato provides a single pane of glass to consistently manage all security and networking capabilities including configuration, analytics, troubleshooting, and incident detection and response. Unified management model eases new capabilities adoption by IT and the business.

“We ran a breach-and-attack simulator on Cato, Infection rates and lateral movement just dropped while detection rates soared. These were key factors in trusting Cato security.”

Try Cato

The Solution that IT teams have been waiting for.
Prepare to be amazed!