The SASE provider claims its NGFW enhances security by reducing the gap between vulnerabilities and patch updates.

Figure 1. Cato Networks Unveils Next-Gen Firewall Solution.

Cato Networks Unveils Next-Generation Firewall to Strengthen SASE Security

Cato Networks has introduced its next-generation firewall (NGFW) as part of its secure access service edge (SASE) platform, aiming to mitigate security risks from unpatched vulnerabilities. Figure 1 shows Cato Networks Unveils Next-Gen Firewall Solution.

The Cato LAN NGFW provides application-aware segmentation via the Cato Edge Socket, ensuring the same level of protection for LAN traffic as for WAN and internet-bound traffic. Operating at Layer 7, it enables granular control over LAN applications such as RDP and SSH, applying a consistent enforcement policy across all locations to eliminate the need for manual patching and emergency fixes.

“Patching is a costly, time-consuming nightmare—a ticking time bomb if delayed. Legacy firewall appliance vendors experience over 20 high and critical vulnerabilities annually, forcing IT teams to act quickly before it’s too late,” said Ofir Agasi, vice president of product management at Cato Networks. “The Cato LAN NGFW flips the script, delivering always up-to-date protection without the chaos of firewall appliance patching.”

Unlike traditional firewalls, the Cato LAN NGFW requires no additional hardware. It converges firewalls for internet, site-to-site, and LAN traffic into a unified security engine, simplifying policy management. With centralized control, organizations can manage security policies from a single console, reducing complexity and operational overhead.

Cato Networks Unveils Next-Generation Firewall to Strengthen SASE Security

Cato Networks has introduced its next-generation firewall (NGFW) as part of its secure access service edge (SASE) platform, aiming to mitigate security risks from unpatched vulnerabilities.

The Cato LAN NGFW provides application-aware segmentation via the Cato Edge Socket, ensuring LAN traffic receives the same level of protection as WAN and internet-bound traffic. Operating at Layer 7, it enables granular control over applications such as RDP and SSH, while applying a consistent enforcement policy across all locations—eliminating the need for manual patching and emergency fixes.

“Patching is a costly, time-consuming nightmare—a ticking time bomb if delayed. Legacy firewall appliance vendors experience over 20 high and critical vulnerabilities annually, forcing IT teams to act quickly before it’s too late,” said Ofir Agasi, vice president of product management at Cato Networks. “The Cato LAN NGFW flips the script, delivering always up-to-date protection without the chaos of firewall appliance patching.”

Beyond security, the Cato LAN NGFW helps enterprises meet compliance requirements by enforcing localized traffic control and LAN traffic isolation, ensuring alignment with industry regulations. It also eliminates standalone LAN firewalls, providing application-aware security across multiple locations without requiring additional on-premises firewalls for zero-trust enforcement.

The Evolution of Network Security & The Need for a Next-Gen Firewall

• The growing challenge of patching vulnerabilities and emergency fixes in legacy systems.
• What modern threats, such as ransomware and lateral movement attacks, require a smarter security approach.
• Introduction to Cato Networks’ SASE platform and how the Cato LAN NGFW addresses these challenges.

Key Features of the Cato LAN NGFW

• Application-aware segmentation at Layer 7 for granular control over LAN traffic.
• Unified security enforcement across LAN, WAN, and internet-bound traffic.
• No additional hardware required, simplifying deployment.
• Automated patching and policy updates to eliminate manual efforts.
• How it helps meet compliance requirements for localized traffic control.

The Role of Cato LAN NGFW in Zero-Trust Security

• Explanation of Zero-Trust Architecture (ZTA) and why it’s crucial for modern enterprises.
• How Cato LAN NGFW enforces zero-trust policies across all locations without standalone LAN firewalls.
• Minimizing lateral movement of threats within an organization’s network.
• Real-world example: How NGFW blocks unauthorized traffic and prevents breaches.

Simplified Policy Management & Operational Benefits

• Centralized security policy management via the Cato SASE Cloud Platform.
• Eliminating the complexity of managing multiple firewalls across distributed locations.
• The impact on IT teams: Reducing manual interventions and patching chaos.
• How enterprises can scale security easily with Cato LAN NGFW.

Business Impact & Future of Firewall Security

• How businesses benefit from always-updated, cloud-native security.
• Cost savings: Eliminating hardware and reducing operational overhead.
• The future of NGFWs and their role in AI-driven security and threat intelligence.
• Final thoughts: Why enterprises should move away from legacy firewalls and adopt a cloud-native SASE approach.

Source: NETWORK WORLD

Cite this article:

Priyadharshini S (2025),”Cato Networks Introduces Next-Generation Firewall", AnaTechmaz, pp. 153