Mastering Bandwidth Control and QoS in Cato Networks

Introduction

Bandwidth management isn’t just a nice-to-have—it’s often the difference between smooth operations and daily frustration. Video calls breaking up, application lag, or dropped VoIP sessions all trace back to one root issue: poorly prioritized network traffic.

With Cato Networks, you can take control without relying on scattered hardware appliances or difficult policy scripting. Everything is defined in one place and enforced in the cloud, at the Cato PoP closest to the user.

This guide breaks down how to implement bandwidth shaping and Quality of Service (QoS) policies in Cato’s current CMA interface. You’ll walk away knowing where to configure, what to prioritize, and how to fine-tune performance based on real data.
 

What You’ll Learn

• Navigate QoS and bandwidth features in the updated Cato Management Application (CMA)
• Define traffic classes with real-time, business-critical, and bulk priorities
• Enforce bandwidth rules at global and site-specific levels
• Monitor real-time traffic usage and make policy adjustments
• Apply practical tips for troubleshooting and optimization

Navigating the CMA: Where to Set Bandwidth Rules

Here’s where you’ll find the bandwidth management options in the updated Cato platform:

• Network > Bandwidth Management: For global and per-site uplink/downlink control
• Network > QoS Classes: Create and configure traffic prioritization classes
• Network > Site Configuration > Bandwidth Management: Define shaping per location
• Analytics > QoS Dashboard: Monitor real-time policy impact
   

Creating Traffic Classes That Match Real Needs

QoS Classes are your way of telling the network what matters most.

Each class can be defined with: - Priority (High / Medium / Low) - Minimum guaranteed bandwidth - Traffic shaping behavior for latency or jitter-sensitive flows

Example Classes

• Real-Time: VoIP, Teams, Zoom — low latency and high reliability
• Business-Critical: ERP, CRM, SSO platforms — consistent performance
• Bulk/Background: File transfers, patch updates — low priority

You can use predefined templates or create your own custom definitions.

Assigning Apps and Services to the Right Class

Cato simplifies classification with auto-detection of over 5,000 known applications. You don’t need to build traffic rules from scratch.

• Navigate to Network > Network Rules  > New Rule
• Choose applications (e.g., Microsoft Teams, Salesforce)
• Assign a relevant QoS class
• Optionally apply rate limits per app, domain, or category

This allows you to ensure, for example, that Teams gets high-priority treatment even when the network is under load.

Real-World Scenario

A financial firm set Teams, Zoom, and Bloomberg to the Real-Time class. File-sharing apps were demoted to Bulk. They saw a 35% reduction in jitter complaints overnight.

Bandwidth Control by Site: Granular Enforcement

Not every office or region needs the same policy. Cato’s site-level shaping gives you flexibility across locations.

From Network > Site Configuration > Bandwidth Management, you can: - Set max bandwidth per uplink/downlink - Allocate minimums for each QoS class - Choose whether shaping applies to inbound, outbound, or both directions

Use Case

Your UAE headquarters may have a 1 Gbps fiber link. A remote warehouse in KSA may use a 50 Mbps LTE connection. You can: - Guarantee 15% of bandwidth for VoIP everywhere - Restrict OneDrive and Google Drive only at low-bandwidth locations - Let Salesforce traffic burst during non-business hours

Measuring and Optimizing with the QoS Dashboard

Policy without visibility is just guesswork. The QoS Dashboard in Analytics gives a clear view of: - Per-class bandwidth usage - Packet drops or queuing delay - Trends across time and by site or app

You can simulate load conditions using the built-in Traffic Generator Tool under Network > Tools.

Expert Tip

Enable alerts for dropped packets or class saturation. Use the REST API to stream traffic metrics to your NOC tools or SIEM dashboards.

Checklist: How to Get Started Today

1. Go to Analytics > App Usage to review current traffic patterns
2. Create 3–4 meaningful QoS classes
3. Apply those classes to high-use apps under Application Rules
4. Configure per-site bandwidth shaping in Site Configuration
5. Review dashboards weekly to adjust based on trends or user feedback

FAQ Summary

Can I assign QoS per user group or department?

Yes. Cato allows identity-aware QoS policies using AD/SAML.
 

Do QoS settings adapt in real time?

Yes. Cato’s cloud-native engine recalculates priorities dynamically.
 

Can each site have different rules?

Yes. Apply global defaults, then override as needed per location.
 

What about control over inbound vs. outbound?

Both directions can be shaped individually.
 

Are applications identified automatically?

Yes. Cato maintains a dynamic application catalog. You can also add custom tags.