Forum Discussion

Joining the Conversation

7 months ago

CATO always on

Hi, I am currently deploying Cato across my entire organization, transitioning from Fortinet’s VPN platform to Cato’s ZTNA. We are enabling Always On to enforce the use of Cato for all users. Howev...

Nath

Staying Involved

7 months ago

To encourage users to sign-in to the Cato VPN and pickup the Always-On policy you could ensure specific applications are only accessible via your allocated IPs.

For example, we direct the Microsoft Login traffic via our allocated IPs. We use these same IPs in an Entra Conditional Access Policy to ensure SSO can only be performed from the Cato VPN or a user at a Cato office.

Because CAPs can be very granular, you can target the SSO apps or users to suit.

Forum Discussion

CATO always on

Recent Discussions

Windows CA with Cato for Device Posture Check

Is there any way to know the actual service signature?

Need help with prelogin Intune deployment

AI for firewall rules?

Spotify web unable to play music