Cato extends zero trust access to SASE platform

The continued surge in hybrid work, bring your own device (BYOD) and contractor reliance has undeniably made businesses more agile and flexible, but it has also introduced a wave of unmanaged devices into enterprise environments that frequently lack security controls, creating exposure to data loss and regulatory risk. To mitigate these issues, Cato Networks has launched Browser Extension, what it calls “a lightweight onramp” to the company’s core secure access service edge (SASE) platform.

Cato cited Verizon’s Data breach incident report, which this year found that 46% of compromised systems containing corporate credentials were unmanaged devices. At the same time, compliance pressures under the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI DSS) were continuing to mount. Until now, said Cato, protecting these endpoints meant deploying software IT couldn’t control or forcing users onto enterprise browsers, and that unmanaged devices create risk and compliance pressure for IT leaders.

“Unmanaged and BYOD devices aren’t going away,” said Ofir Agasi, chief product officer at Cato Networks. “They remain the weakest links in enterprise security. Without the safeguards of managed devices, they expose organisations to additional risk.”

Cato also noted that legacy zero trust network access (ZTNA) approaches often require separate tools for different device types. Extending access to unmanaged devices has meant installing new software, such as specialised browsers. The result, said the company, was disruption of the user experience and additional strain on IT operations. 

To address these challenges, Cato has made zero trust for unmanaged devices easy to deploy and simple to maintain. The extension expands Cato’s Universal ZTNA to unmanaged devices – including personal, contractor and BYOD endpoints – without the operational overhead, deployment complexity or user disruption that can come with legacy VPNs or enterprise browsers. It’s designed to simplify secure contractor and BYOD access, unifying zero trust policy management enterprise-wide.

The Cato Browser Extension is a native Google Chrome extension claimed to be able to provide secure access in minutes without requiring client installations or new software. It enforces the same ZTNA policies already applied across the enterprise, so IT doesn’t need to create or manage new rules. And unlike enterprise browsers that force users to adopt a new interface, the extension works natively with standard browsers under one consistent, enterprise-wide ZTNA model. 

With Cato ZTNA, enterprises can unify access across every environment: managed devices connect via the Cato Client, unmanaged devices through the Cato Browser Extension, and sites and branches with a Cato Socket. Every connection is said to be protected by Cato SSE 360 – including Firewall as a Service, Secure Web Gateway, Cloud Access Security Broker, Next Generation Firewall, Data Loss Prevention and Advanced Threat Prevention – ensuring continuous inspection, unified logging and centralised policy enforcement. All platform onramps are said to be unified under one policy model.

With these features, Cato assured that enterprises gain clear strategic advantages in terms of consistent security posture, operational simplicity and audit readiness. That is, businesses can have unified, identity-aware policies across all devices to close security gaps and remove VPNs, enterprise browsers, and point solutions, reducing onboarding time and IT overhead. It also said that firms can simplify audits and meet GDPR, HIPAA, and PCI DSS requirements with consistent enforcement.

In short, Cato believes Browser Extension restores IT control, giving users secure network access while enabling ZTNA for everyone on any device. “The Cato Browser Extension provides customers with the best of both worlds: simple access for users, and complete policy control for IT without adding another tool to manage,” added Agasi.