Documentation Index

Fetch the complete documentation index at: https://knowledge.catonetworks.com/llms.txt

Use this file to discover all available pages before exploring further.

Product Update - June 10, 2024

Prev Next

New Features & Enhancements

  • CASB Enhancement - Visibility for All Cloud App Activities: We added an option to configure Any Activity in a single Application Control rule that monitors all app activities. This lets you configure a single rule that monitors Any Activity for Any Cloud Application to discover all the apps and activities used on your network.

    • For customers with a new CASB license, a rule that monitors Any Activity for Any Cloud Application is automatically added at the bottom of the Application Control rulebase

  • New Academy Training - Network Operation Stories in XDR: Learn how Cato XDR can help Network Operation Center (NOC) teams identify and resolve network and connectivity issues. This training unit helps you understand:

    • Building blocks of Network stories

    • XDR functionality for network issues

    • Reporting and notification options

Go to the Cato Product Roadmap in the Knowledge Base to follow the status of upcoming features and enhancements.

Cato Client Releases

  • New Client Versions: From June 6, 2024, we started the rollout of the following Clients:

    • Windows version 5.10.34

    • Linux version 5.2.1.1

    • Android version 5.0.3.117

    The new versions contain an important security update and bug fixes.

Security Updates

  • IPS Signatures:

    • View more details about the IPS signatures and protections in the Threats Catalog

      • Ransomware 0day (Enhancement)

      • Ransomware Banta (New)

      • Ransomware BOMBO (Enhancement)

      • Ransomware Chaddad (Enhancement)

      • Ransomware EDHST (Enhancement)

      • Ransomware Eject (Enhancement)

      • Ransomware FUNNY (Enhancement)

      • Ransomware Harma (Enhancement)

      • Ransomware Lexus (Enhancement)

      • Ransomware Nett (Enhancement)

      • Ransomware OPIX (Enhancement)

      • Ransomware payB (Enhancement)

      • Ransomware POLSAT (New)

      • Ransomware Qilin (New)

      • Ransomware QRYPT (New)

      • Ransomware Stop/Djvu (Enhancement)

      • Ransomware SYSDF (Enhancement)

      • Ransomware xDec (Enhancement)

      • Sality Checkin (New)

      • Ducktail-Payload Communication(New)

      • FlyStudio - CnC Activity (New)

      • Low Credibility File Names(New)

      • CVE-2024-31982 (New)

      • CVE-2020-25858 (New)

      • CVE-2021-26914 (New)

      • CVE-2022-47075 (New)

      • CVE-2023-38204 (New)

      • CVE-2023-50386 (New)

      • CVE-2024-21683 (New)

      • CVE-2024-24919 (New)

      • CVE-2024-31848 (New)

      • CVE-2024-31849 (New)

      • CVE-2024-31850 (New)

      • CVE-2024-31851 (New)

      • CVE-2024-32113 (New)

      • CVE-2024-3273 (New)

      • CVE-2024-4040 (New)

      • CVE-2024-4956 (New)

      • CVE-2024-4978 (New)

      • Generic Java Serialization Over HTTP (New)

      • JS File Downloaded From Low-Popularity Target (New)

  • Detection & Response:

    • These are the updates to the Indications Catalog:

      • Threat Hunting Indications:

        • Communication with suspicious targets (New)

        • Dynamic DNS services (Enhancement)

      • Threat Prevention:

        • Suspicious DNS Communication with Blacklisted Targets

  • Suspicious Activity Monitoring:

    • These protections were added to the SAM service:

      • Downloading Teamviewer (New)

      • Lateral Batch Script Transfer (New)

      • SimpleHelp Remote Management Tool Lateral Remote Connectivity (New)

      • TeamViewer Inbound Remote Session (New)

      • Wininet/Winsock (Native Windows Client) to low Popularity (Enhancement)

      • AnyDesk WAN Remote Desktop Connection Initiation (New)

      • Transfer AnyDesk over SMB (New)

  • Apps Catalog:

    • Added over 100 new SaaS applications (you can view the SaaS apps in the Apps Catalog), including:

      • C3 AI

      • Intuit sub-services:

        • TurboTax

        • QuickBooks

        • Mint

        • Credit Karma

        • Mailchimp

    • Enhanced these applications:

      • Commvault

      • ProtonVPN

  • Device Inventory:

    • These are the updates to the Device Inventory detection engine:

      • IoT:

        • Access Point:

          • Aruba Networks (Enhancement)

        • Docking Station:

          • Action Star (Enhancement)

        • IP Camera:

          • Axis (Enhancement)

          • Hanwha (Enhancement)

          • Verkada (Enhancement)

        • IoMT:

          • Ascom (Enhancement)

        • Media Server:

          • BrightSign (Enhancement)

        • Network Appliance:

          • Cisco Meraki (Enhancement)

          • Ewon (Enhancement)

          • Juniper Networks (Enhancement)

          • Synology (Enhancement)

        • Payment Terminal:

          • CCV (Enhancement)

          • Castles Technology (Enhancement)

          • Verifone (Enhancement)

        • Power Device:

          • APC (Enhancement)

        • Printer

          • Canon (Enhancement)

          • HP (Enhancement)

          • Lexmark (Enhancement)

          • Ricoh (Enhancement)

          • Xerox (Enhancement)

          • Zebra (Enhancement)

        • Single Board Computer:

          • Raspberry Pi Foundation (Enhancement)

        • Smart Display:

          • Kyocera (Enhancement)

        • VoIP:

          • Cisco (Enhancement)

          • Commend (Enhancement)

          • Digium (Enhancement)

          • Grandstream Networks (Enhancement)

          • Innovaphone (Enhancement)

          • Mitel (Enhancement)

          • Polycom (Enhancement)

          • Snom (Enhancement)

          • Ubiquiti (Enhancement)

          • Yealink (Enhancement)

        • WAP:

          • Cambium Networks (Enhancement)

          • Cisco (Enhancement)

        • Video Encoder:

          • Axis (Enhancement)

      • Mobile:

        • Mobile Phone:

          • Samsung (Enhancement)

        • Tablet:

          • Amazon (Enhancement)

          • Apple (Enhancement)

        • Thin Client:

          • Dell (Enhancement)

          • PCoIP Endpoint Device (Enhancement)

        • Workstation:

          • Apple (Enhancement)

          • Dell (Enhancement)

          • HP (Enhancement)

          • MSI (Enhancement)

Note:

Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.