Cato Networks Extends ZTA With New Browser Extension

Cato Networks recently announced a new browser extension as an onramp to the Cato SASE Cloud Platform.

Browser-based approach addresses bring your own device security concerns

The Cato Browser Extension expands Cato’s Universal Zero Trust Network Access (UZTNA) to unmanaged devices without operational overhead, deployment complexity, or user disruption from legacy VPNs or enterprise browsers.

“Unmanaged and BYOD devices aren’t going away. They remain the weakest links in enterprise security. Without the safeguards of managed devices, they expose organizations to additional risk,” said Ofir Agasi, chief product officer at Cato Networks. “The Cato Browser Extension provides customers with the best of both worlds: simple access for users and complete policy control for IT without adding another tool to manage.”

As legacy ZTNA approaches require separate tools for different device types, they often lead to a disruption of the user experience and additional strain on IT operations.

To address this, Cato has made Zero Trust for unmanaged devices more easily deployable and maintainable.

Securing access without adding friction to employee experience

The Cato Browser Extension secures access in minutes without requiring client installations or new software. It enforces the same ZTNA policies already applied across the enterprise, so IT doesn’t need to create or manage new rules.

This new extension works natively with standard browsers– including as a native Google Cloud extension– under one consistent, enterprise-wide ZTNA model. The extension provides secure access in minutes without requiring client installations or new software. IT doesn’t need to create or manage new rules since the extension enforces the same ZTNA policies that are applied across the entire enterprise.

Cato ZTNA enables enterprises to unify access across every environment: managed devices connect via the Cato Client, unmanaged devices through the Cato Browser Extension, and sites and branches with a Cato Socket.

Simplicity and consistency top key benefits

Every connection is secured by Cato SSE 360– including FWaaS, SWG, CASB, NGFW, DLP, and Advanced Threat Prevention– ensuring continuous inspection, unified logging, and centralized policy enforcement.

Among the advantages that organizations gain as a result of all onramps being unified under one policy model:

• Consistent security posture: Unified, identity-aware policies across all devices close security gaps.
• Operational simplicity: Remove VPNs, enterprise browsers, and point solutions, reducing onboarding time and IT overhead.
• Audit readiness: Simplify audits and meet GDPR, HIPAA, and PCI DSS requirements with consistent enforcement.

Cato acquires Aim Security

The deployment of this extension follows Cato Networks’ acquisition of Aim Security, aiming to add AI security to its SASE cloud.

This was Cato Network’s first-ever acquisition and will expand the Cato SASE Cloud Platform to enable secure enterprise adoption of AI agents, along with public and private AI applications.

“AI transformation will eclipse digital transformation as the main force that will shape enterprises over the next decade,” said Schlomo Kramer, CEO and co-founder of Cato Networks. “With the acquisition of Aim Security, we’re turbo-charging our SASE platform with advanced AI security capabilities to secure our customers’ journey into the new and exciting AI era.”

Recently, WatchGuard launched FireCloud Total Access, a hybrid SASE platform for delivering enterprise-grade zero-trust protection to MSPs and small to mid-sized IT teams. Read more about this new platform and how it simplifies remote workforce protection while reducing reliance on traditional VPNs and hardware.