Cato Networks Application Visibility | Monitoring & Control

Cato Networks Application Visibility is a cloud-native monitoring capability that allows IT teams to identify, analyze, and manage all software traffic across the network. It uses deep packet inspection (DPI) to provide real-time data on bandwidth consumption, session counts, and user identity through a single management interface.

Have you ever wondered exactly what is eating up your bandwidth at 2:00 PM on a Tuesday? In my experience, it is rarely the business-critical ERP system you’d expect. Usually, it is a rogue update or a group of users streaming high-definition media. Without clear sight, you are basically flying blind. Cato Networks solves this by giving you a "God view" of every bit and byte moving through your pipes.

Get Started with Cato SASE
 

Where to Find Application Insights in the New CMA?

Cato's latest interface separates visibility from enforcement, making it easier to focus on the data you need.

You can access app usage insights via:

• Analytics > Application Analytics
• Monitoring > Applications
• Security > Threat Dashboard (for application-related threats)
   

Also Read: How the Cato Client Becomes the Identity Anchor for Zero Trust Access

How Cato Classifies Applications

Cato’s cloud-native engine uses deep packet inspection (DPI) and behavioral heuristics to automatically identify over 5,000 applications.

Each app is tagged with:

• Application name (e.g., Microsoft Teams)
• Application category (e.g., Collaboration, File Transfer)
• Risk level (Low/Medium/High)
• Session count and total bandwidth consumed

Unknown or custom apps can also be flagged for further review, and admins can tag them as custom entries.
 

Key Metrics You Should Be Watching

In the Application Analytics dashboard, focus on the following metrics:

• Bandwidth Usage – Total MB/GB used per app per timeframe
• Session Count – Number of connections opened by the app
• Active Users – How many endpoints are accessing the app
• Destination Domains – Where traffic is going (internal/external)

Example Use Case

A university's IT team noticed unexpected spikes in bandwidth from file-sharing apps. With Cato, they pinpointed usage to a handful of endpoints and adjusted policies accordingly to restrict them during peak hours.

Identifying Shadow IT and Risky Behavior

You can sort apps by:

• Risk Level (as defined by Cato’s classification engine)
• Category (e.g., Social Media, Remote Access)
• Top Talkers (apps with the highest usage or number of users)
   

This helps uncover:

• Unauthorized apps like personal Dropbox or WhatsApp Desktop
• Abnormally high usage of media streaming during business hours
• Legacy or insecure protocols still in use
   

What to Do with This Data

Once you’ve identified problematic or overused applications, you can take action:

• Network > Network Rules: Create rules to throttle or block app categories
• Network > Bandwidth Management: Prioritize business-critical apps
• Security > Application Control: Enforce policy based on risk or compliance
• Reports > Scheduled Reports: Export regular usage data for review
• Integrate with SIEM or third-party analytics using Cato's REST API

Note: As of now, you cannot configure threshold-based alerts for individual application bandwidth/session usage directly from the Application Analytics dashboard.

Also Read: Platforms, Countries, and Origin of Connection: Advanced Device Criteria in Cato Firewall

Checklist to Implement App Visibility Strategy

1. Review top apps weekly under Analytics > Application Analytics
2. Filter by category and risk to identify potential threats
3. Tag unknown apps for future classification
    

Create baseline reports to monitor usage trends across time

1. Define network and security rules to manage app behavior

Contact Our Cato SASE Specialist Today

FAQ 

Does Cato detect browser-based apps?

Yes. It recognizes browser-accessed apps and web traffic.
 

Can I block an app directly from the analytics page?

Not directly—you’ll need to create a rule under Network Policies.
 

Is app visibility available per user/device?

Yes. Cato maps traffic by identity and endpoint.
 

How accurate is app detection?

Cato leverages DPI and heuristics, giving high accuracy across thousands of known apps.
 

Can I export app usage data?

Yes. Use the REST API or scheduled report features for integration with third-party systems.