Cato Networks added a self-healing capability to Cato Cloud, its SD-WAN service, and it launched a new data center appliance. Now, the SD-WAN automatically recovers from network failures in data centers, cloud resources, and branch offices.

According to Cato, the transition to SD-WAN has led to complications in delivering high availability (HA). “Self-healing is a way of improving network availability in a way that’s more responsive and requires fewer IT resources, both in terms of time and the specific skills needed to thoroughly test HA,” said Dave Greenfield, secure networking evangelist at Cato.

In addition, high availability configurations are necessary to enable enterprises to meet uptime levels of MPLS and existing security appliances. What the self-healing SD-WAN capability provides is end-to-end high availability, without intervention.

The Cato Cloud self-healing works by remediating network failures, automatically updating the security infrastructure, and adapting workflows by priority to ensure that there is continuous service delivery on the customer’s network.

It monitors and works across multiple networking tiers. This includes across Cato devices or Sockets; and across enterprise sites, regions, and Cato’s global network. Depending on which tier, Cato has certain failover or standby in place to ensure that service does not fail. For example, its devices have built-in redundancy, and across sites Cato uses a secondary standby Socket should one fail. It also uses an overlay across last-mile services. Regionally and globally, it uses SD-WAN tunnels and points-of-presence to maintain service availability.

The new SD-WAN device, X1700, is designed specifically for large data centers. Previously, Cato only had a branch device, and while it could be deployed in the data center it lacked certain functionalities required. Now, the X1700 device has redundant power and redundant, hot swappable drives, which protect data centers against common component failures.

The self-healing and high availability comes built into both of Cato’s SD-WAN appliances.

Earlier this year, Cato built a threat hunting system into its SD-WAN. This eliminated enterprises’ need to deploy data collection infrastructure and analyze raw data from the network.