Cato Networks

The Dropzone platform integrates with Cato Networks, a cloud-native Secure Access Service Edge (SASE) platform that provides capabilities such as SD-WAN, secure web gateway (SWG), firewall-as-a-service (FWaaS), zero trust network access (ZTNA), and cloud access security broker (CASB).

By integrating with Cato Networks, Dropzone AI can leverage network and VPN telemetry to enhance security investigations by analyzing network traffic associated with alerts, identifying devices behind IP addresses, and correlating user and VPN activity across the environment.

Obtain Account ID and API Key

Cato Networks requires an Account ID and an API key to enable. You will need access to an account administrator with the Editor privilege to generate keys.

To locate your Account ID, do the following:

Log in to your Cato Networks account
In the URL, locate the four-digit integer and copy it for use later in the Dropzone UI where it is called "Account ID"

To generate an API key, do the following:

In the upper banner of your Cato Networks homepage, click "Administration"

In the right, click "API Management"

Click "* New"

Name the API key something memorable, such as Dropzone AI
Under "API Permission," click "View"
Under "Allow access from IPs," click "Any IP"
If you wish, assign the API key an expiration date
Click "Apply"

Copy the API key shown for use later in the Dropzone UI where it is called "API Key"

Enable Cato Networks

To enable the Dara Source integration, you will need the following information:

Dropzone Field

Source

Cato Networks API FQDN

The FQDN of your Cato Networks API instance, e.g. api.catonetworks.com

Account ID

The Account ID value you copied earlier

API Key

The API key value you copied earlier

Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app
In the bottom left hand corner, navigate to Settings > Integrations