“Gur Shatz and I spent our careers working on large scale networking and security problems and founded Cato Networks after extensive experience in the networking and security industries. I co-founded Check Point Software, which introduced the first commercial firewall to the market. Later, at Imperva, my team and I built the first web application firewall. Gur is our technical genius and built the Imperva SecureSphere platform and later founded Incapsula, a cloud network that protects web sites against DDoS attacks. With Cato Networks we combine our strengths in networking and security to disrupt the domains we helped built over the past two decades.”
Cato Networks’ mission is to make networking and network security simple and affordable. We are achieving this by converging these complex IT silos into a global, secure network in the cloud. The Cato Cloud replaces your global MPLS, edge SD-WAN, on-premise network security stack, cloud-based security services, and mobile VPN access with a single solution with one management interface. This approach dramatically reduces costs, complexity and risk to the business.
1) What is your business model and which customers do you serve?
Cato sells through the channel to enterprises of all sizes. Our customers span all industries and geographical regions. At this stage of our growth we see significant traction with manufacturing and technology midsize enterprises. They are in a rough spot having to support the full range of large enterprise needs but with substantially fewer resources and budgets.
2) What motivated you to start Cato Network? What problems is your company trying to solve?
We saw the impact the cloud, and specifically Amazon Web Services (AWS), on the way businesses consume IT services. Many IT pillars, applications, servers, storage went the cloud way. Networking and security, especially in the firewall domain, did not follow. We saw an opportunity to become the “Amazon Web Services” of networking and security by converging these domains in the cloud. We built a platform that is providing a secure network to the business, delivered as a cloud service. Our solution reduces both capital and operational expenses and improves overall security posture. On the capital expense side, you don’t need to buy, pay and upgrade branch appliances or buy point solutions to address specific business needs like remote mobile access or cloud migration. From operational expenses, we cut your MPLS connectivity bill by offering a viable alternative, and reduce the effort of your staff to patch, update, configure and deploy multiple point solutions. This simplification also impacts the strength of your security posture because there are less opportunities to create exposure through unmitigated vulnerabilities.
3) Can you describe your architecture/product offerings?
Sure. As I mentioned, we converge networking and security together in the cloud. More specifically, Cato Cloud connects all the enterprise network elements, including branch locations, mobile users, and physical and cloud datacenters, into a global, encrypted and optimized SD-WAN in the cloud. With all WAN and Internet traffic consolidated in the cloud, Cato applies a set of security services to protect all traffic at all times.
The Cato Cloud is comprised of two complementary layers:
- Cato Cloud Network: A global, geographically distributed, SLA-backed network of PoPs, interconnected by multiple tier-1 carriers. Enterprises connect to Cato using the Cato Socket SD-WAN device via any last mile transport (Internet, MPLS, 4G/LTE).
- Cato Security Services: A fully managed suite of enterprise-grade and agile network security capabilities, directly built into the network. Current services include a next-gen firewall/VPN, Secure Web Gateway, Advanced Threat Prevention, Cloud and Mobile Access Protection and network Forensics.
The cloud-based and multi-tenant Cato Management Application enables enterprises and service providers to configure policies, and monitor network activity and security events, from a single pane of glass.
Cato Cloud is seamlessly and continuously updated by Cato’s dedicated networking and security experts, to ensure maximum service availability, optimal network performance, and the highest level of protection against emerging threats.
4) SD-WAN space is fast becoming crowded with start-up solutions. How do you differentiate your solutions from competing portfolios?
The SD-WAN market today is dominated by appliance-based solutions. These edge SD-WAN appliances were designed to solve the problem of expensive and capacity constraint MPLS connectivity. They do it by adding internet links to form a hybrid WAN. However, because the Internet can’t consistently support latency and loss-sensitive applications, customers must keep MPLS in their network. Also, because traditionally networking and security are separate silos, security for internet traffic, which is a key driver for SD-WAN, is not built in. Lastly, cloud and mobile support isn’t an integral part of the solution although they are increasingly critical for most modern businesses.
Cato is differentiating against traditional SD-WAN with:
– A global backbone that provides affordable, SLA-backed connectivity that is superior to the unmanaged public Internet, and can replace expensive global MPLS providers.
– Built in network security that can provide secure direct internet access from remote locations, without the need for dedicated security appliances, or third party cloud-based security services, required by SD-WAN edge solutions.
– Seamless cloud and mobile WAN integration to securely and optimally connect mobile users and cloud datacenters to the enterprise network.
5) How are Cato Network and the SD-WAN providers impacting the service provider MPLS offerings?
It’s pretty clear that MPLS service sales are being severely impacted by SD-WAN. It’s why MPLS providers are racing to deliver managed SD-WAN services themselves. But simply reselling an SD-WAN appliance is not a cloud-based SD-WAN service. You miss out on the scalability, security integration and ease manageability of delivering SD-WAN as a true cloud service.
6) Who are your investors and how much is your funding to date?
Cato was started in 2015 and we have raised $70 million to date from US Venture Partners, Aspect Ventures, Greylock Partners, Singtel Innov8. We have more than 60 employees with offices in the US, Israel, and Asia.
7) What challenges does Cato Network face as it grows?
The Cato Cloud is a truly unique and disruptive approach to networking and security. It is simply not your “business as usual”, bolt on technology. Initially, prospects were asking themselves “Can this actually work?” Given the potential for a huge return on investment, they took the leap and joined with us. Today, with hundreds of production customers globally, I think we have enough proof points and public case studies to prove that we can deliver on our promise. As we get into larger enterprises, we will have to demonstrate we can support their more complex environment. At the pace our cloud platform is evolving, I am sure we can meet that challenge.
8) What is your vision for Cato Network going forward?
Our long-term goal is to become the de-facto standard for enterprises to connect and secure the business.
9) Apart from being a founder and CEO of Cato Networks, you are also involved in many other activities. For instance, you are a co-founder of several IT-focused businesses and a board director and founding investor in a number of security, fintech and software companies. How do you manage your time and prioritise tasks?
Cato is the third company where I hold an operational role after Checkpoint and Imperva. So, it is my primary focus. As an investor and board member I allocate the necessary time to make investment decisions and advise management teams.
10) Is there any other important message you would like to pass across to readers?
Be bold. At Cato we took a hard looks at big systemic problem – the proliferation of technologies built to patch the big gap between networking and security architectures, and way we do business today. We are proposing a new architecture, not just yet another patch. It makes the road longer and more difficult, but if you believe you are right, and our experience and results to date tell us that we are, the rewards will be substantial.