We have a small office of 17 employees and have shifted from on prem file server and firewall to M365 and will be decommissioning the on prem stuff by year's end.
Looking at CATO for our firewall solution moving forward and to help cover my users who TW, or while on the road.
Seems like a solid solution but pricey and kinda overkill feature wise for what I feel we need. However, what do you all think? Also looked at CORO and it feels the opposite end of the spectrum so kind of still looking.
So one of the rationales for CATO (or similar) is not needing to activate VPN when working outside of the office since all our services are cloud anyways. Plus if the office burns down/loses power/etc we are still G2G since it’s cloud based. CATO did have an on prem device to cover the office network, it just didn’t require us to connect through it remotely for our coverage. Again this isn’t my area of expertise and I have been working with a network vendor and this is what they are pitching.
It’s not really overkill per se. It’s a set cost per user. I’m however surprised that they sell to such low amounts of users.
Probably easier to get started with something like Cloudflare Zero Trust as you can test with free users for a while and then buy just as many as you need.
If you are decommissioning on prem completely and don’t need the VPN features, then perhaps you could argue for an overkill unless they sell the web portion separately. Cloudflare/Cisco Umbrella are fast to set up for the Web only part.
I guess the goal here is a cloud firewall solution to replace my on prem one (NSA2600) that gave us the extra layer of security and ability to monitor and limit traffic / sites. We do conferences in hotels so that seems like another good reason. Otherwise we are just running Windows Defender, we don’t control our users’ networks when they TW, and it seems like that’s not enough. Honestly though I’m no expert in this area hence my questioning.
Cloudflare and Zscaler are the two biggest when it comes to endpoint based web filtering and tunneling (zero trust stuff). And yes they can both do HTTPS decryption. With CASB I’m not sure of, we use the one built into Defender for Endpoint, but I do know Cloudflare has an option (for customers on enterprise plans) and Zscaler probably has something, but I’m less familiar with their products.
I’m trying to use CASB to restrict users to only log in to my company’s Office 365 tenant and block other tenants as well as personal Outlook accounts. Is that something for CrowdStrike or Defender?