What is a CASB?

CASB is an abbreviation for Cloud Access Security Broker, and is a tool to address security risks such as information leaks and unauthorized access when companies use cloud services. For more information, please see the blog mentioned above.

Now, let me introduce the cloud security challenges that Cato's CASB can solve.

Challenge 1: Monitoring risks posed by Shadow IT

Employees using their own devices and accounts to access unauthorized cloud services poses a security risk to your business.

• Is the service provider trustworthy?
• Are you in compliance?
• Does it have sufficient security features?

From this perspective, cloud services used by companies need to be kept under control.

Cato Networks' CASB capabilities monitor corporate network traffic in real time and provide visibility into the cloud services accessed by employees, allowing administrators to quickly detect unauthorized activity and take appropriate action.

Cato Cloud Apps allows you to see which cloud services your employees are accessing and whether they are approved apps, allowing you to manage them appropriately.

In Cato, you can check detailed information for each application as shown below.

Issue 2: Want to monitor and control unauthorized user behavior when using SaaS

Cato's Cloud Activity Dashboard can visualize the login status of an organization's SaaS applications by integrating with Microsoft Entra ID through an API.

This dashboard shows the following data:

• Total number of sign-ins and failed sign-ins for each app
• Failed sign-ins and breakdown by country
• Users with the most failed sign-ins
• Sign-in Breakdown by OS and Browser

Challenge 3: You want to control activity in SaaS apps

Cato's Application Control Policy allows you to control applications, activities, and users in a detailed manner.

The control method is basically the same as for Firewall, but there are some detailed configuration items as shown below.

• General: Rule name, rule number
• Application: The application/application category to be controlled
• Activity: The activity to be controlled (login, video playback, upload, etc.)
• Criteria: Criteria defined in the Cloud App Catalog (e.g. Risk Score)
• Access Methods: Access method (host at the time of access)
• Source: The source of the access (IP, username, site name, group, etc.)
• Time: Time (e.g. working hours)
• Action：（Allow、Block、Monitor）

Examples of application control usage

• Box (cloud storage)
  • Block uploads, Allow downloads
• MS Login (tenant control)
  • Only specific email address domains can log in
• YouTube (video viewing restrictions, full path)
  • Block video viewing during working hours, only allow videos from specific URLs

And so on.

Benefits of Introducing Cato CASB

• It is an inline CASB, and the function is enabled simply by turning the toggle ON, making it easy to implement.
• Preset rules are available, making it easy to tune settings

• Gain visibility and control over all communications passing through Cato
• Security functions are centralized from the NW (WAN, SDP), reducing management workload
• Consistent policy control from the branch level to the individual device level

Cato allows you to control branch terminals and remotely connected users from just one management screen, which has the great advantage of reducing the burden on administrators.

Although we were unable to cover all of this in this article, it continues to evolve with features such as DLP and enhanced security using machine learning.