Q&A with Cato Networks co-founder and CEO Shlomo Kramer

14 December 2017 | Sponsored content


Capacity speaks to Cato Networks about the benefits of SD-WAN

Shlomo Kramer1.Tell us a bit about Cato Networks - your history and offering?

Gur Shatz, our CTO, and I founded Cato Networks in 2015 based on our many years in networking and security. He co-founded and was the CEO of Incapsula Inc., a cloud-based global network designed to protect websites against DDoS attacks. I co-founded Check Point Software, the company that introduced the market’s first commercial firewall, and later started Imperva, which invented the web application firewall category. 

We saw the problems enterprises faced with their networking and security architectures. So we started Cato Networks with the goal of making networking and security simple and affordable. The Cato Cloud is a cloud-based SD-WAN converging six products in one. The Cato Cloud replaces global MPLS services, edge SD-WAN appliances, secure web gateway (SWG), firewall appliances, cloud access security brokers (CASBs), and remote access solutions. 

2. You mention that enterprises faced “many problems.” Can you be more specific? What kinds of problems?

As we spoke with IT managers, we heard how their wide area networks (WAN) were becoming incompatible with the business. The traditional, MPLS-based WAN is a major headache for many with its high bandwidth costs, long deployment required times (up to 90 days for new sites), and poor Internet and cloud performance. Network security appliances brought their own complaints, namely their purchase costs, deployment and maintenance challenges, and how appliances could not simultaneously use features and functions on all traffic. 

3. You’ve spoke about Cato Cloud. Can you explain exactly “WHAT” is Cato Cloud? 

Cato Cloud is comprised of two complementary layers. The Cato Cloud Network is a global, geographically distributed, SLA-backed network of PoPs, interconnected by multiple tier-1 carriers. Enterprises connect to Cato using the Cato Socket, a zero-touch SD-WAN device, via any last mile transport (Internet, MPLS, and 4G/LTE). Cato Security Services are the fully managed suite of enterprise-grade and agile network security capabilities we spoke about that are directly built into the network. Customer and providers interact with Cato Cloud through the Cato Management Application, configuring corporate network and security policies and viewing detailed analytics on network traffic and security incidents.

Cato Banner

4. So is Cato Cloud a managed SD-WAN service? 

Cato Cloud is a true cloud service. As in many areas of IT, the initial SD-WAN services were managed SD-WAN services. These offerings continue to rely on discrete networking and security appliances, maintaining the same high-costs and complexity that impacted IT. The only difference is those costs now get passed onto enterprise customers as a monthly bill. 

Cloud-based SD-WAN services (also called SD-WAN-as-a-Service) are fundamentally different. The SD-WAN, routing, and security code are rewritten from the ground up as a fully-distributed, multitenant software stack. It’s elastic, allowing resources to be pooled and easily allocated by the service provider which can use this efficiency to lower costs. The distributed architecture is also built for resiliency and redundancy for improved uptime. And, like any cloud service, networking and security can be fully self-managed by IT without impacting other customers. This is a fundamental departure from SD-WAN appliances or managed SD-WAN services, one I believe represents the future of security and networking. 

5. How then does Cato help organizations to address those problems? 

The Cato Cloud gives organizations an affordable MPLS alternative. High network latency can undermine user productivity in remote locations, forcing enterprises to make a tough trade-off between an affordable, but high latency, internet-based network or an expensive, low-latency MPLS network. With Cato Cloud, they can get both performance and low-price. As a firewall-as-a-service, Cato Cloud eliminates the cost and overhead associated with deploying and managing branch security appliances. Cato Cloud also enables enterprises to seamlessly extend their WANs to include mobile users, cloud datacenters, and cloud applications. 

6. Should enterprises move to SD-WAN? Why?

In principle, yes.  SD-WAN lets IT use the right transport for the right job. You can continue to use MPLS where necessary, deploy 3G/4G if deployment is urgent or infrastructure is unavailable, tap xDSL or cable for home users and manage everything as one seamless network. That’s incredibly powerful. 

7. You say “in principle.” Is SD-WAN a good replacement for MPLS?

If by SD-WAN you mean replacing a global MPLS network with SD-WAN appliances and public Internet connections then companies will face problems. High latency and unpredictability make the Internet a poor alternative for delivering predictable performance. This is particularly true for real-time applications, such as voice, that are sensitive to fluctuations in latency and packet loss. SD-WAN appliances lack the middle-mile to solve these problems. 

This is where Cato can be so helpful. We provide SD-WAN and an affordable alternative to MPLS. We use multi-segment optimization to compensate for the unique performance and availability problems of the middle- and last-miles. Cato’s SLA-backed backbone consists of more than 30 PoPs across the globe, avoiding the fluctuations in latency and loss SD-WAN appliance experience when traversing the global, public Internet. Throughput maximization algorithms further improve data transfer performance. Within the last-mile, Cato Cloud uses a range of optimizations, such as Forward Error Correction (FEC), application QOS, and bandwidth throttling. Taken together, Cato Cloud provides companies with a backbone where applications perform well at a global scale and within budget.

For more information on, please << CLICK HERE >>

Shlomo is co-founder and CEO of Cato Networks. He is a network security expert and a serial entrepreneur. Shlomo has co-founded Check Point Software, who created the first commercial Firewall, and Imperva, the innovator of the Web Application Firewall."