Discussions

Community platform related questions and suggestions

Forum Widgets

Recent Discussions

Logs from Azure are encrypted on Qradar
Hello everyone we are integrating CATO to send events to an azure and from there our SIEM service will collect the logs using Qradar. The workflow is: Cato > container > logic app > event hub. we are getting logs on Qradar but they seem to be encrypted. when we download the logs from the container to a local PC they are readable. this is my first attempt with azure integration so i have no idea where too start.. Thanks
Joe
Comet
2 days ago
8Views
0likes
1Comment
XDR integration with Crowdstrike and SentinelOne
Good day together For XDR there is already the antive EPP from Cato and the API integration for microsoft Defender. At a presentation I once saw 2 more logos from Crowdstrike and SentnelOne. Is there already a release date for this?
Peter_Schwarz
Comet
2 days ago
6Views
0likes
1Comment
Always on VPN and troubleshooting connectivity issues
Hi, I wanted to check if anyone else have experienced issues with the users enabled for Always On when their SDP client can not connect. Ocasionaly we see clients can not connect showing different errors, like username not recognized, can not connect, etc. The problem is that our Zoho Assist remote management software is not available if the user laptop is not connected to Internet which it is not when using Always On. How do you guys provide support in this scenario? What we usually do is first disable Always on policy for that user and then re-install the CAto client using either local admin or service desk user account. The problem is that we need to change the passwords to those accounts after giving out to the user by phone. Basically we just need Zoho Assist client traffic to bypass Cato tunnel, we will be testing split tunnel feature and adding Zoho IPs to bypass. Curious to hear your thoughts. Thanks!
Andrii
Comet
2 days ago
45Views
0likes
2Comments
Connectivity Alert Email - Interface Names
Hello, By default, the notification emails regarding a disconnected or degraded socket interface include the public IP address of the interface under "Interface Name". This does not match the port name in the socket configuration panel. Is it possible to modify this email template to include the descriptive name instead of, or ideally in addition to, the public IP address? This would be extremely helpful for quickly identifying which ISP is impacted. Not all network engineers have every single public IP in the company committed to memory! (Pictures have been redacted/edited to remove or alter sensitive information)
aekcmi
Comet
9 days ago
24Views
0likes
1Comment
Event logs limited to 100 events only
On theevents page in CMA, only the most recent 100 events are visible. Srolling though earlier events is not available. In order to search for earlier events you need to set filters, and even then only 100 events are listed. In normal day hundreds of thousands of events are generated. It would be helpful if we could just scroll though the events and do deeper dive into events that need attention. Rather than have to guess which filters to apply when troublshooting an issue.
MaheshMJ
Comet
9 days ago
19Views
0likes
3Comments
Email notifications subject
When I receive emails about new comments in a message thread the email subject is always just "Subscription Update on Cato Connect". Would it be possible to include the thread title for easier reference?
JM
Meteor
22 days ago
16Views
1like
2Comments
My Experience So Far With CATO Community
I just created my CATO Community account and, while I realize this is a new thing, I wanted to share some thoughts on my experience. It would have been helpful to get an introduction to the platform as soon as I logged in that could "show me around" basically.In the invite email that I got from my account rep, he gave me a pretty good overview of what the purpose of this community would be, but I think it might be beneficial to have a page that gives the platform an introduction from the beginning. For example, I see that I have this title "Stardust" under my name, and I saw someone else with "Meteor". I don't know what this means, but I assume its some kind of ranking system based off of my participation in the platform. Perhaps how many likes I've gotten. It would be nice to know what the rankings mean, and how to improve. This is just an idea, but perhaps you could also improve your rank by 1) filling out details in your profile 2) reading the Community Guidelines 3) or perhaps accomplishing other objectives that the CATO Community moderators would find helpful. I'm not necessarily advocating for something like daily login rewards, or giving "points" to someone for reading an article, but I do think it would be good to have goals for community members to achieve (like making your 1st post). In fact, I've seen this done in many other communities where they have a pinned Discussion for newcomers to simply say "hi" and introduce themselves. Once again, this may be unfair because this community just got started. I completely realize that. These are just some of my thoughts, and I welcome any other thoughts for this discussion about improving the newcomer experience.
Solved
CATOwner
Comet
26 days ago
52Views
0likes
2Comments
Bypass L7 from socket device
Hi community, Like the “Exclude Applications from Split Tunnel Policy Rules” available from the SDP client, is this functionality available from the socket ? Many customers have lot of teams and outlook traffic and need to bypass it directly from the socket. Many reasons for that (improve performance and save bandwitdh to the Cato Cloud) The actual bypass (from/to) IP is not usable for teams and outlook traffic. Thanks
Germ1
Comet
27 days ago
43Views
0likes
1Comment
Notifications
Unlike the current discussion board, email notifications about new posts/replies do not appear to include the actual content of said post, just a link to view the content online. That will get old very fast.
JM
Meteor
3 months ago
50Views
1like
8Comments
First!
Testing.... looking good.
Solved
JM
Meteor
3 months ago
38Views
2likes
2Comments