Explore the Community
Cato Cloud
Cato and SASE discussions and best practices.
API
API questions-and-answers, discussions, and best practices.
Recent Content
Account Access Request's mutation API
Hi everyone, The new account access request method enables us to manage permissions flexibly, but has also complicated the workflow. Manually requesting permissions for multiple support members and order members when an account is created is a significant burden. We are considering whether this could be simplified using the API, but we have not found any relevant commands. Have these been implemented, or being planning? Thank you,How can I ping or perform health checks on the Cato Socket's WAN interface from the public internet?
We’d like to monitor WAN availability externally (e.g., via public ping or other health check methods). Is there a supported way to reach and test the Socket’s WAN interface from outside the Cato network?
Cato Connect Event: AMA with Professional Services
Ever wish you could get direct time with the experts? On June 3rd, 2025 at 11:00 AM EDT, you’ll get just that — a live AMA with two of our Principal Consultants from the Cato Professional Services team. We’ll cover topics like: Designing and implementing a CMA deployment Best practices we’ve seen across real-world environments Your questions — seriously, bring them Here’s how to get the most out of it: Go here to find the registration link and get the calendar invite and join us live (must be logged in to Cato Connect to view the registration link) Post your questions below in the comments — we’ll answer pre-submitted ones first, before tackling live chat during the session + See a question you like? Give it a “like” to help it rise to the top Note: We won’t be able to look at specific CMA instances — demos will be done using internal environments. That’s it — register, post your questions, and we’ll see you there! Presenters: Principal Consultant Professional Services, Italy Principal Consultant Professional Services, USA If you run into any issues, @mention me or email us at community@catonetworks.comHey Siri.... Find me these Cato events....... AI Powered Natural Language Search.
Imagine as a SASE admin (already busy hunting critical threats and protecting your org from on-prem and cloud threats) how much you would hate if you have to write complex queries for simple searches? No one more Yet another query language please! But this is how our competitors did it by making you learn their syntax and their version of Regex to find events. For a simple search to find all traffic to 'google' and 'microsoft' or all phishing URLs why does it have to be so difficult? We took a radically innovative approach to finding results- very close to Apple's 'Hey Siri'! We have now made it even better with our innovative AI powered Natural Language Search feature. Simply click the magnifying glass on far right and write your queries in your own words. Sure you can use our filters and presets (check out my previous article on custom presets) but cool yeh? Where: Event Monitoring > Far right magnifying glass (note the far right magnifying glass icon in the screenshot on the top) NLS ability is now extended to Audit Logs as well! [If it isn't already, contact your Cato Networks representative if you would like this feature enabled in your account] Key Features of AI powered NLS: Uses everyday language to find relevant data Translates natural language queries into specific filters Automatically formats table results to show relevant columns Example Queries Show me all RDP blocked traffic Show me all DNS traffic Show me Internet firewall security events from phishing category URLs Show recent security incidents and alerts related to application vulnerabilities Show me security alerts where data was sent from computer 10.0.0.1 to 10.0.0.2 Power of Cato powered networks! Explore more: https://support.catonetworks.com/hc/en-us/articles/21585563225757-Filtering-Events-with-Natural-Language-Search PS: 'Hey Siri' or other products mentioned here are trademarks of Apple or their respective vendors.
Updating resource group names
I have noticed that if I go to Resources > Groups and change a group's name, that changed group name does not reflect in any firewall rules that reference that group. For instance, I create a group named group_1. I create an Internet Firewall rule with group_1 as the source. If I go back to and change the name of the group to group_one, the group name group_1 is still listed as the source in the Internet Firewall rule (it seems like it should update to group_one when he group's name is changed). If I change a group name that is referenced in a firewall rule, do I need to manually update the group reference in the firewall rule? If not, how long does it usually take for a firewall rule to update it's group name if the group name changes?Can't Export Dashboards?... Export button grayed out?
Issue: -I have editor permission under Networks and Access rows, yet I can’t export the sites or SDP users into CSV. -Export button is grayed out. Background: Cato CMA (Cato Management Application) has extensive RBAC (role-based access control) permissions. Since we introduced RBAC set of permissions have continued to be more granular in terms of what the admins can limit under various sections of the CMA. Some of the permissions may have evolved. This is one I ran into most recently that I thought would be worth sharing. How to: If you are running into this issue enable the Edit permissions under the Monitoring for the element tied to the dashboard you are trying to export. E.g. SDP User dashboard Where? Administration > Roles & PermissionsCato SDP Client to be auto intelligent to login instead of manual logging
I have recently migrated from Netskope to Cato Networks. One issue we have noticed is that users need to login once to Cato SDP client and then "Always-on policy" gets enabled. But users are smart, they don't login to SDP client itself as many sites gets blocked as per policy which they don't want so they don't login once also to SDP client thus making us non-compliant as absence of SDP client makes them vulnerable as they can browse malicious sites as well as can upload company data on public sites which typically gets blocked when connected over SDP client. In Netskope, we just had to push agents to the laptop and no user intervention was required, it automatically detects logged in user credentials so there was no scope for user to not login or bypass security controls. Can't we make zero touch experience for user so that there is no room for escape or delay as now we are totally dependent on user.
