Welcome to the tech in 20 minutes podcast where you will meet new tech vendors and learn how they can help your business. At Clark Sys, we believe tech should make your life better. Searching Google is a waste of time, and the right vendor is often one you haven't heard of before. I'm Max Clark, and I'm with Josh Garland with Cato Networks. Josh, thank you for joining.

Good morning, Max. Thanks for having me.

So, Josh, what does Cato do?

Max, it's a great question. You know, we like to think of ourselves as the next generation WAN or wide area network. So essentially, we connect sites, whether those sites are customers' offices, data centers, mobile users, and really the big difference there is we connect them securely. So there's really an embedded security in this wide area network, but we also provide full management of this service and we also provide management for our customers. So we're really not only providing the networking portion of it, which I think we'll get into a little later, but we're also providing the full embedded advanced security.

So let's go down a stack. I mean, what is the problem that Cato solves?

So there's really 4 main issues we solve. As customers are moving away from MPLS, which is, you know, a traditional wide area networking platform, MPLS is high performing. It's a consistent experience. And as they move from MPLS, customers move from MPLS to SD WAN, they're going from this consistent experience to the public Internet. So really that's the first thing Cato solves.

And we solve it by providing a backbone. So we solve performance, and replacement of MPLS. The second thing we provide is security, right? As you move away from MPLS is you're moving from a secure, a private connection really to multiple public connections. So a lot of SD WAN vendors didn't take into account now that they went from one point of breach to a 100 points of breach.

So Cato also, solves that problem with providing security. And a lot of a lot of customers are trying to do all this with different point solutions. It's really unmanageable. So that's really the third thing we solve is manageability, right? Since we have all these services, we can consolidate security and networking, routing, SD WAN into a single cloud and have it easily manageable because it's fully integrated.

4th thing is, you know, since we are cloud based, you know, all the processing happens to the cloud. We wanna add new features. You know, you want more throughput. It's all inherent. Just like the reason people are moving to SaaS applications, right, it's scalability.

So it's really performance, security, ease of management, and future proofing scalability.

So Cato has a global network of gateways. I mean, literally a global network of gateways. Would you say that you're a security company with a network in SD WAN? Are you a network company with security in SD WAN? Are you a SD WAN company with a network in security?

I mean, how does this actually feed into each other?

Max, it's a great question. So we actually we started as a cloud based global security solution and then layered on top of that a global optimized backbone. So we can provide this security as a service, we can provide WAN optimization as a service. And really the SD WAN portion of it that everyone's talking about today, that is just a feature we provide. We are not an SD WAN company.

What SD WAN, we use SD WAN for, is to get from the customer prem to our PoP or to our cloud. Once you're on the PoP, you now have access to all our features, whether it's security, whether it's WAN optimization. And all those cool SD WAN features, again, just happen, the active active, active failover, packet duplication. All these features everyone's talking about over multiple Internet circuits just happens between the customer prem and our PoP.

SD WAN relates to a office location. You know? So a connection of an office to your backbone, to your gateways. What about mobile users? Post COVID, this is really important.

What are you doing for remote workers, distributed workforce in with Cato?

Well, it's an interesting question. And I think where where Cato provides value is it goes back to my statement about customers trying to provide all these different point solutions. So right now, you know, along with a VPN concentrator to get the VPN users into a centralized hub, They also need a firewall, they need an MPLS router, maybe even SD WAN device in the Cato world. This is all this is fully integrated. Even the VPN user is fully integrated.

And the beauty is since the VPN user, just like a site, would connect to the closest Cato POP, at that point they're on the backbone or our Cato Cloud. So they get really at that point, they get 2 advantages. They get to take a value or take, they get the better performance because they're hitting our POP and using our backbone. But But since we have embedded security, we can also lock those users down. So we're actually protecting those users and the corporate environment from any breaches.

So it's really security and performance those VPN users get, which they wouldn't get from traditional VPN concentrator.

I think this is an important point. Right? Because if you have a corporate HQ and a VPN concentrator there and let's say that's in Los Angeles and you have users in Europe, you're pinning traffic from Europe to Los Angeles versus with Cato, you're pinning traffic from, London to London to then come across your backbone. Is that right?

That is right. So so a huge advantage there is most customers, whether it's regionally, typically they have one central hub where they have a VPN concentrate. For instance, Max and your example, they have a data center in LA with a VPN concentrator. They have a user globally in Tokyo. That user, wherever they have to go, even if it's another site in Tokyo, they have to go all the way back to the US, hit that concentrator and then back across the wide area network.

In the Cato world, if you're in Tokyo, the VPN user or even a site terminates directly on the CatoTokyo POP. And the hairpins NIM, if you're going to Tokyo, we just hairpin back to Tokyo. So really we decrease a huge amount of latency and increase performance dramatically.

So say that you have a, you know, accelerated backbone or you have a single cloud based firewall and an endpoint management, I mean, those are those are solutions. Right? When when you'd say, you know, as a a business leader, how would I know these are things that I need to solve for? Like, what is driving that conversation that brings somebody to Cato?

Well, from from a CIO level or IT director level, a lot of folks are moving away from MPLS to, I'm not going to say reduce costs, but part of the promise is reduce costs with moving to SD WAN. And what they're finding is, first of all, they're taking a hit on performance. There's no built in security. The promise of simplicity with SD WAN isn't fulfilled. And if you upgrade, you still have to upgrade these boxes to higher throughputs, so there's really no scalability.

So what Cato provides really, you know, from from an IT directive standpoint, ease of management, right? So now they have all these resources in one spot. They can simply manage, whether it's changing URL content filtering on 180 sites with a single click. That can happen, but it's also the scalability of it. So essentially, since we are cloud and like I said before about SaaS environments, the scalability is infinite.

There is obviously some top limit, but if they need a new services, we add new services. If they need a new features or functionality, we can add that without really changing anything on the edge because it all happens in our core.

You know, a lot of SD WAN and security vendors in the market, what is an ideal customer for Cato? You know, if somebody's listening to this and they're thinking about Cato, where are you guys a home run? What do you do better than anybody else in the market, and and what brings people to Cato?

So really it's any customers concerned about security. That is always a big one. Any customers concerned about WAN or performance. That is a huge one. Any customers who are sick of having, you know, 6 or 7 appliances at each one of their sites and having to manage each one of those appliances and having no integration between all those platforms.

I would also say from a regional standpoint, listen, since Cato is POP based and we have this optimized backbone I keep mentioning, WAN optimization as a service on it, that really doesn't help for regional plays. If you have 10 offices in LA, the backbone's not going to help you. But security can still help you. The next generation firewall, the IPS, the IDS, may be a reason to look at Cato, but may not be a perfect fit. But if your sites are spread out across the United States and you want performance and you want this holistic view and security in all your traffic, Cato would be a fit.

And then to expand that a little further, if you're global, where performance really becomes an issue, Cato would even become a better fit.

So in that, you're saying your customers, not so much regional or regional, they're looking for integrated security, but more distributed across the country, across multiple countries, across multiple continents.

Exactly. How

is Cato priced? I mean, what is your unit measurement? Can you give me a price range example of, you know, low end and high end of what this would deploy like?

It all depends. Our service is priced. It's it is the operating cost. So we do bill monthly, quarterly, or yearly. And it's based on aggregate bandwidth into the Cato cloud, and it's based on region.

So we are priced very aggressive in the United States if all your sites are United States. And that the reason is at that point, we're competing against the box vendors, which in general are inexpensive. As we go globally, we're now competing against MPLS vendors because SD WAN box vendors cannot overcome the issues with the internet, especially globally. I mean, they have a hard time doing East Coast to West Coast of United States. So it's priced a little higher from that point, but compared to MPLS providers and what you get with Decatur Network, the WAN optimization, the next generation firewall, the built in security, VPN users, from a price perspective, it's very compelling.

What I'm hearing you say is if you're in the United States, bandwidth in the United States is relatively inexpensive, and so therefore, the service is relatively inexpensive. If you have sites in Mexico, bandwidth in Mexico is more expensive, and so your sites in Mexico become more expensive as a result. Ross Eddersen (3six zero

six): Exactly. So our I mean, just in general, you think about it, to build a pop in Mexico City is going to be a lot more than to build a pop in Las Vegas, Or even to build a pop in Tel Aviv or to build a pop in Johannesburg, it's gonna be a lot more expensive than build a pop in San Jose. So really that's where those costs come in also, why globally the costs are a little bit more because of the services in those areas are a bit more.

So you're charging based on the number of users, the amount of bandwidth in the office, services that are layered on top of it. I mean, what's what's that actually look like?

Yeah. So the the the first pricing component is bandwidth aggregate bandwidth into the Cato cloud or into the top. So if you're in LA, LAB and this is increments of 25 meg and you add 200 meg circuits and you want to go full active active, that would be a 200 meg license. To add on top of that, you can use this just for SD WAN and use this for a backbone, and you can use this for WAN optimization, but most customers also use this for this embedded security. So the service does come with the next generation firewall.

The additional features on top of that are advanced security features. So we have IPSIDS, next generation anti malware. We're using artificial intelligence to find 0 day threats. Part of the beauty of this is Cato's managing all this. We are managing the signatures, which is very resource intensive, as most customers know who manage firewalls.

And in general, they don't even keep up with these signatures, which are blocking threats by the web. They don't even keep up with them because they don't have the resources to. So this is all managed by Cato. And then the VPN user is another cost, a per user cost. And then we have some super advanced security and management features that are also additional costs.

For instance, we do a managed detection and response, which is really a managed service operation center security operation centers, excuse me, SOC. And since we have this SOC and ops globally, we can also manage circuits. We don't provide any local transport. Kato doesn't wanna be in that business, but with LOAs, we can actually open tickets with underlying carriers, AT and Ts, Verizon, GTTs, whoever the local transport is, to open a ticket and own that troubleshooting process with that end carrier.

Give me an idea of who your existing customers are in terms of, like, industries or size or, you know, brands people would know. I mean, I mean, where do you where do you play? What's your space?

Max, it's it's a hard question to answer. We are all over the place. There is no one vertical that's getting most of our business. If I had to say and give you one of the vertical, it would be manufacturing because typically they are global. Again, Cato can be a great fit on a regional US play, but globally it does make it better.

But we have law firms. We have retail shops, global retail because we are secure, we have that embedded PCI compliance. We also have some customers in medical field. Because of our embedded security, we're also HIPAA compliant. So really it's all over the map.

So if I wanna evaluate Cato or a customer wants to evaluate Cato, what's your process? I mean, do you offer demos, proof of concept, trial periods? What how does that work?

Cato is relatively new. We've been around since 2015, and we like to use that to our our advantage. Right? We see where the SD WAN companies fell short, and we're able to see that and build our product to fill in those gaps. But with that said, because our name is in a household name, we are more than willing to allow our customers to do no charge, no paperwork, proof of concepts, provide them full training on these services, and also, they're assigned an engineer who helped them configure these proof of concepts or trial architectures.

So we wanna be easy to work with.

We're in a post COVID world right now. What are you seeing from your customers, and how are you helping them with the shift in workforce?

You know, some customers we talk to are like, hey, this is great. We have 400 users. Guess what? We thought ahead, and everyone as users has a VPN license, even though, you know, we only have 20 of them who actively pre COVID-nineteen actually worked remote. But that's not normal.

What we normally find is, you know, customers have a 1000 users who are now forced to work remote. These customers, they didn't have enough VPN licenses, right? Now they have to get licenses from their firewall panel. But guess what? That firewall box doesn't support a 1000 vendors.

Now they have to buy a new box. Or guess what? Now our remote customers are coming through, you know, in and out of their Internet circuit, so now bandwidth is double. So they don't take this into consideration. So what Cato in this case and what we've been doing successfully is, you know, we've seen a lot of traction on our VPN user because there's no back hauling, because and it's fully secure.

You know, when a user on VPN hits our POP, they either go to the internet or if it's WAN services, they are directly sent to the data center. So we're seeing a lot of traction with that, and I guess the biggest problem in the industry is no one expected a 100% of the workforce to work remote, and they just weren't architected for it.

K. Josh, thank you very much.

Nice. Thank you.

Thanks for joining the Tech in 20 Minutes podcast. At Clark Sys, we believe tech should make your life better. Searching Google is a waste of time, and the right vendor is often one you haven't heard of before. We can help you buy the right tech for your business. Visit us at clarksys.com to schedule an intro call.