Recent Content
Use Case- Bypass internal application access through CATO when in office
I have been using Netskope where there is feature of split tunneling wherein when it detects that you are in office network then you can disable remote access and the traffic to internal application will be routed using your office MPLS/ILL thus only internet traffic going to CATO but when same users are working from home then both remote access as well as internet traffic goes via Netskope. Now with CATO, there is no option with me to exclude traffic going to CATO POP except IP ranges but I want the same experience that when users is in office, only internet traffic goes through CATO and not private access. I want this spliting done through CATO SDP client as I dont have any site license.68Views0likes1CommentWhat do you think about the new Cato Community?
What do you think about the new Cato Community?SolvedMikeOrtega2 months agoCato Employee48Views2likes3CommentsNeed help with prelogin Intune deployment
Hello, I need to understand how to get prelogin to work for my environment so users can sign in when off of the network. We are deploying devices from intune using the enrollment status page. So it gets deployed to them, they turn it on and it autopilots from there. The cato sdp client is being deployed with patchmypc and has a script in place with that for the required registry keys. The certificates are being deployed inside of a win32 intune win file with a script to install the certificate. Script for the certificate: yes it is password protected pfx file. (We do not have a certificate authority. (This did work for prelogin on my device.) Import-PfxCertificate -FilePath .\Catoprelogin.pfx -Password (ConvertTo-SecureString -String 'mypassword' -AsPlainText -Force) -CertStoreLocation Cert:\CurrentUser\My All of this was successfully installed, what could I be missing? The certificate is an SSL certificate and I confirmed that it worked prior to the autopilot on my personal work computer without autopiloting it. DOES ANYONE HAVE ADVICE OR SUGGESTIONS ON HOW TO SETUP THE INTUNE AUTOPILOT PROFILE, ENROLLMENT STATUS PAGE, OR ANY OF THE ABOVE TO MAKE THIS WORK? WHETHER IT IS DEPLOYING THE CERT A DIFFERENT WAY OR DEPLOYING THE CERTIFICATE WITH THE CATO CLIENT APPLICATION INSTALL. Thanks,44Views0likes2CommentsAll members of group is not syncing from Azure AD
Recently we integrated CMA with our Azure AD and synced 3 groups. But some users started reporting that they are not able to login to SDP login and when we did analysis, we found that those users were not reflecting in CMA users and groups module, however at same time, I checked my Azure AD under Enterprise Applications for Cato Networks, I found those users are member of the group which we have synced with CMA. Now there are almost 100 users who are present in the group at Azure AD but same are not reflecting in CMA due to which I am unable to provide access to SDP client. Pls suggest what to do?43Views0likes5CommentsA simple example in Python
import json import ssl import urllib.parse import urllib.request headers = { "x-api-key": MY_API_KEY, "Content-Type": "application/json" } body = { "operationName": "accountSnapshot", "variables": {"accountID":MY_ACCOUNT_ID}, "query": ''' query accountSnapshot($accountID:ID!) { accountSnapshot(accountID:$accountID) { id } }''' } request = urllib.request.Request(url='https://api.catonetworks.com/api/v1/graphql2', data=json.dumps(body).encode("ascii"), headers=headers) response = urllib.request.urlopen(request, context=ssl._create_unverified_context()) print(json.loads(response.read().decode("utf-8","replace")))peter2 months agoCato Employee42Views2likes2CommentsHow to get the result of mutation
Hello team, We are currently considering using the Cato API to automate configuration for our customers. We would like to create sites, administrators, policies, etc. with the mutation commands, and then retrieve and display the applied settings with the query command. Based on the schema and actual behavior, we have confirmed that this is possible with firewall policies and administrators. However, I am not able to get more information than ID and name in the site settings. Is there any way to get these detailed configuration information? If not, is there any plan to implement this in the near future? thankyou,Solved41Views0likes2CommentsHey, Robin! I currently use Okta to manage my users. How complicated is this to set up with Cato?
You know those situations where someone asks you a question, and you think to yourself "this is something that's going to be asked multiple times?" Yeah, this is one of them. While I was talking with a future Cato Customer, they asked a simple question about how difficult it would be to provision their users with SCIM into the Cato Management Application. Naturally they were hesitant (as this can be a mammoth task with many vendors), but with us, it's a pretty light-lift. Being the egotistical buffoon I am, I thought to record a video in a dimly lit hotel room. Of course we have fantastic product documentation that explains this procedure in detail, but some people are visual learners who want to see the 'final product' instead of the steps along the way. Remember, 5 hours of troubleshooting can often save you 10 minutes of reading the documentation 😀Robin_Johns19 days agoCato Employee40Views2likes1CommentUse Case: Block Youtube category but allow some specific youtube video ID(full path url)
Hi All, I am exploring the way to block all youtube but allow some specific youtube video id. The full path url is configured in Application Control policy with action allow and the youtube category is block in Internet Firewall policy. It is not working because application control only take effect with the traffic is allowed in Internet Firewall policy. FYI, full path url is not configureable in Internet Firewall policy. Appreciate if anyone from community can give some ideas. Thanks.Soon8 days agoComet36Views0likes4CommentsCato API with Gradio
Hello, During the "AMA about Cato API" webinar, you presented a demo of API usages with Gradio. Will you eventually share the code examples that you used to make these dashboards ? I would like to reproduce something similar (hit rules, detected applications by rules..) Regards, PierreSolved33Views1like2Comments