Recent Content
Use Case- Bypass internal application access through CATO when in office
I have been using Netskope where there is feature of split tunneling wherein when it detects that you are in office network then you can disable remote access and the traffic to internal application will be routed using your office MPLS/ILL thus only internet traffic going to CATO but when same users are working from home then both remote access as well as internet traffic goes via Netskope. Now with CATO, there is no option with me to exclude traffic going to CATO POP except IP ranges but I want the same experience that when users is in office, only internet traffic goes through CATO and not private access. I want this spliting done through CATO SDP client as I dont have any site license.- MikeOrtega2 months ago
Cato Employee
A simple example in Python
import json import ssl import urllib.parse import urllib.request headers = { "x-api-key": MY_API_KEY, "Content-Type": "application/json" } body = { "operationName": "accountSnapshot", "variables": {"accountID":MY_ACCOUNT_ID}, "query": ''' query accountSnapshot($accountID:ID!) { accountSnapshot(accountID:$accountID) { id } }''' } request = urllib.request.Request(url='https://api.catonetworks.com/api/v1/graphql2', data=json.dumps(body).encode("ascii"), headers=headers) response = urllib.request.urlopen(request, context=ssl._create_unverified_context()) print(json.loads(response.read().decode("utf-8","replace")))peter2 months agoAll members of group is not syncing from Azure AD
Recently we integrated CMA with our Azure AD and synced 3 groups. But some users started reporting that they are not able to login to SDP login and when we did analysis, we found that those users were not reflecting in CMA users and groups module, however at same time, I checked my Azure AD under Enterprise Applications for Cato Networks, I found those users are member of the group which we have synced with CMA. Now there are almost 100 users who are present in the group at Azure AD but same are not reflecting in CMA due to which I am unable to provide access to SDP client. Pls suggest what to do?
Hey, Robin! I currently use Okta to manage my users. How complicated is this to set up with Cato?
You know those situations where someone asks you a question, and you think to yourself "this is something that's going to be asked multiple times?" Yeah, this is one of them. While I was talking with a future Cato Customer, they asked a simple question about how difficult it would be to provision their users with SCIM into the Cato Management Application. Naturally they were hesitant (as this can be a mammoth task with many vendors), but with us, it's a pretty light-lift. Being the egotistical buffoon I am, I thought to record a video in a dimly lit hotel room. Of course we have fantastic product documentation that explains this procedure in detail, but some people are visual learners who want to see the 'final product' instead of the steps along the way. Remember, 5 hours of troubleshooting can often save you 10 minutes of reading the documentation 😀
Robin_Johns15 days ago
Need help with prelogin Intune deployment
Hello, I need to understand how to get prelogin to work for my environment so users can sign in when off of the network. We are deploying devices from intune using the enrollment status page. So it gets deployed to them, they turn it on and it autopilots from there. The cato sdp client is being deployed with patchmypc and has a script in place with that for the required registry keys. The certificates are being deployed inside of a win32 intune win file with a script to install the certificate. Script for the certificate: yes it is password protected pfx file. (We do not have a certificate authority. (This did work for prelogin on my device.) Import-PfxCertificate -FilePath .\Catoprelogin.pfx -Password (ConvertTo-SecureString -String 'mypassword' -AsPlainText -Force) -CertStoreLocation Cert:\CurrentUser\My All of this was successfully installed, what could I be missing? The certificate is an SSL certificate and I confirmed that it worked prior to the autopilot on my personal work computer without autopiloting it. DOES ANYONE HAVE ADVICE OR SUGGESTIONS ON HOW TO SETUP THE INTUNE AUTOPILOT PROFILE, ENROLLMENT STATUS PAGE, OR ANY OF THE ABOVE TO MAKE THIS WORK? WHETHER IT IS DEPLOYING THE CERT A DIFFERENT WAY OR DEPLOYING THE CERTIFICATE WITH THE CATO CLIENT APPLICATION INSTALL. Thanks,
EC2 Instance size selection for use with vSocket.
Hi all, Is there any guideline on selecting the EC2 Instance size for use with vSocket? According to the following KB article, the supported instance sizes are listed. KB:https://support.catonetworks.com/hc/en-us/articles/16150140007069-Deploying-a-vSocket-Site-from-the-AWS-Marketplace However, there is no guide on which instance to select. I would be grateful if there was a guidance such as "Use t3.large for up to 100Mbps." Thank you. Yoshihiro ToyomasuHow does Cato use AI?
Great Question! I've heard a few of our customers and partners ask this question, especially as Cato has appeared in the press more frequently with AI awards. So instead of writing a longform article, I thought I'd start explaining with a high-level overview of what AI/ML is, as well as giving you some examples on how it's applied here at Cato. This is by no means exhaustive (far from it), but we all have to start somewhere....
Robin_Johns17 days ago
