HomeNext Gen IT-InfraMonitoring & ManagementCyber SecurityBCP / DRAutomationDecoded
Next Gen IT-Infra
Cato’s SASE Supports Cybersecurity Skills Development

How Cato’s SASE Supports Cybersecurity Skills Development

🕓 April 8, 2025

How SASE Supports the Security Needs of SMBs

How SASE Supports the Security Needs of SMBs

🕓 February 9, 2025

Attack Surface Reduction with Cato’s SASE

Attack Surface Reduction with Cato’s SASE

🕓 February 10, 2025

SASE for Digital Transformation in UAE

SASE for Digital Transformation in UAE

🕓 February 8, 2025

Monitoring & Management
Understanding Atera’s SLA Management

Understanding Atera’s SLA Management

🕓 February 7, 2025

Cost-Performance Ratio: Finding the Right Balance in IT Management Networks

Cost-Performance Ratio: Finding the Right Balance in IT Management Networks

🕓 June 16, 2025

Customizing Atera with APIs

Customizing Atera with APIs

🕓 March 3, 2025

Power Up Your IT Team’s Strategy with Atera’s Communication Tools

Power Up Your IT Team’s Strategy with Atera’s Communication Tools

🕓 February 8, 2025

Cyber Security
Illustration of the Cato Cloud architecture showing its role in delivering SASE for secure, optimized global connectivity.

Understanding the Cato Cloud and Its Role in SASE

🕓 January 29, 2025

Isometric illustration of professionals managing network performance, bandwidth analytics, and cloud-based optimization around the Cato Networks platform, symbolizing bandwidth control and QoS visibility.

Mastering Bandwidth Control and QoS in Cato Networks

🕓 July 26, 2025

Global network backbone powering Cato SASE solution for secure, high-performance connectivity across regions.

Global Backbone: The Engine Powering Cato’s SASE Solution

🕓 January 30, 2025

Illustration of team analyzing application traffic and usage insights on a large laptop screen using Cato’s dashboard, surrounded by network and cloud icons.

Cato Networks Application Visibility | Monitoring & Control

🕓 July 27, 2025

BCP / DR
Illustration showing diverse business and IT professionals collaborating with cloud, backup, and security icons, representing Vembu use cases for SMBs, MSPs, and IT teams.

Who Uses Vembu? Real-World Use Cases for SMBs, MSPs & IT Teams

🕓 July 12, 2025

Graphic showcasing Vembu’s all-in-one backup and disaster recovery platform with icons for cloud, data protection, and business continuity for IT teams and SMBs.

What Is Vembu? A Deep Dive Into the All in One Backup & Disaster Recovery Platform

🕓 July 6, 2025

Illustration showing Vembu backup and disaster recovery system with cloud storage, server racks, analytics dashboard, and IT professionals managing data.

The Rising Cost of Data Loss: Why Backup Is No Longer Optional?

🕓 August 14, 2025

3D isometric illustration of cloud backup and data recovery infrastructure with laptop, data center stack, and digital business icons — FSD Tech

RPO & RTO: The Heart of Business Continuity

🕓 August 15, 2025

Automation
Cross-Functional Collaboration with ClickUp

Fostering Cross-Functional Collaboration with ClickUp for Multi-Departmental Projects

🕓 February 11, 2025

ClickUp Project Reporting

Revolutionizing Enterprise Reporting with ClickUp’s Advanced Analytics and Dashboards

🕓 June 16, 2025

ClickUp’s Design Collaboration and Asset Management Tools

Empowering Creative Teams with ClickUp’s Design Collaboration and Asset Management Tools

🕓 February 26, 2025

ClickUp Communication and Collaboration Tools

ClickUp Communication and Collaboration Tools: Empowering Remote Teams

🕓 March 12, 2025

Decoded
Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA): All You Need to Know

🕓 December 7, 2025

L3 Switch

What Is an L3 Switch? L2 vs L3 & Why You Need Layer 3?

🕓 December 8, 2025

IPSec

IPSec Explained: Protocols, Modes, IKE & VPN Security

🕓 December 3, 2025

Datagram Transport Layer Security (DTLS)

What is Datagram Transport Layer Security (DTLS)? How it works?

🕓 December 4, 2025

    Subscribe to our newsletter!

    About Us

    Follow Us

    Copyright © 2024 | Powered by 

    Atera

    (55)

    Cato Networks

    (121)

    ClickUp

    (76)

    FishOS

    (7)

    Miradore

    (21)

    PointGuard AI

    (9)

    Vembu

    (22)

    Xcitium

    (33)

    ZETA HRMS

    (79)

    Table of Contents

    Setting Up Sites in CMA – Socket vs. vSocket vs. Cloud-Only

    Anas Abdu Rauf
    July 23, 2025
    Comments
    IT professionals managing cloud-connected server infrastructure with laptops, symbolizing Cato SASE site setup and cloud deployment in UAE

    Introduction

    Site deployment is the backbone of any secure, global network strategy. In Cato’s SASE platform, setting up sites is a foundational task — whether you’re connecting a branch office, a cloud workload, or a virtual location within your data center. With the new CMA UI, site onboarding is not only streamlined but also built around deployment realities like bandwidth constraints, security posture, and failover readiness.
     

    In this guide, we’ll break down how to set up different types of sites, clarify where to find each function in the CMA, and walk you through real-world tips that can save you hours of troubleshooting.
     

    Key Takeaways

    • Understand the differences between Socket, vSocket, and Cloud-only sites
    • Learn where to configure these sites in the CMA (Network > Sites)
    • Review deployment scenarios and tips for each site type
    • Explore options for resilience, DNS settings, and PoP assignment
    • Get field-ready with testing, monitoring, and go-live validation tips
       

    Where to Start: Navigating to Site Setup

    Log into the CMA, then go to:

    Network > Sites > Add Site

    From there, you can choose between: - Socket Site: For hardware-based site connections using a Cato Socket - vSocket Site: For virtualized environments using supported hypervisors - Cloud-Only Site: For connecting cloud-native environments without any appliance
     

    Cato Networks dashboard displaying site connectivity status with pie chart of connection types and an open “Add Site” panel for selecting branch, headquarters, or data center site type.

    Socket Sites – Physical, Reliable, and Resilient

    When to Use

    Use a Socket site when deploying to: - Branch offices with stable WAN access - HQs needing high-throughput connections - Locations requiring dual-WAN redundancy

    Configuration Highlights

    • Socket Serial Number: Required to pair physical hardware
    • PoP Assignment: Manually or automatically select based on geography
    • WAN Settings: Configure primary and secondary links
    • Local DHCP / DNS: Adjust to integrate with existing LAN settings

    Admin Tip

    If your location has an existing router/firewall, place the Cato Socket in bridge mode to avoid NAT conflicts.
     

    vSocket Sites – Virtual Flexibility

    When to Use

    Use a vSocket for: - Data centers - Virtual labs and SDN test environments - Edge locations without space for physical hardware

    Configuration Highlights

    • Hypervisor Support: KVM, VMware, and others
    • License Allocation: vSockets consume site licenses just like physical sockets
    • Boot File Generation: Download the config to install in your virtual host

    Real-World Tip

    Always validate time sync (NTP) in your hypervisor or vSocket may fail to authenticate with Cato.
     

    Cloud-Only Sites – Cloud-Native Simplicity

    When to Use

    Go Cloud-only if you need to connect: - SaaS environments like Microsoft 365 or Salesforce - Cloud-hosted apps in AWS, Azure, or GCP - Remote infrastructure you don’t control physically

    Configuration Highlights

    • No hardware or VM required
    • Route-based tunneling setup via standard IPsec
    • Custom DNS and subnet tagging for app-level visibility

     

    Duplicate view of Cato’s site management panel showing network-wide connectivity metrics and the site type dropdown within the Add Site interface.



     

    Cato Networks Add Site panel with site type set to Branch and Cloud Connector options dropdown showing preset configuration templates for integration.

    Best Practice

    Use Cloud-only sites with Cato’s CASB and FWaaS capabilities for more granular security at the data layer.
     

    Field-Tested Workflow: Deploying a Site in Minutes

    Let’s walk through a hybrid deployment:

    1. Go to Network > Sites > Add Site
    2. Select Socket, enter the serial number, assign PoPs
    3. Set primary/secondary WAN settings (e.g. MPLS + LTE failover)
    4. Configure LAN, DHCP, and DNS
    5. Verify connectivity in Site Overview
    6. Test routing in Network > Tools > Ping/Traceroute
    7. Apply firewall policies in Security > Internet Firewall

    Within 30–60 minutes, the site should be production-ready.
     

    Next Steps

    After setup, go to Home > Experience Monitoring to confirm app performance and site latency. Schedule a bandwidth test or simulate failover using the Network > Tools suite to validate your deployment under real load conditions.
     

    FAQ Summary

    Can I use a vSocket for cloud-only environments?

    No. vSocket requires a virtual host. Use Cloud-only sites for SaaS or IPsec-based cloud apps.
     

    Is it possible to change site type after creation?

    No. You’ll need to delete and recreate the site with the correct type.


    How are PoPs assigned?

    Cato auto-assigns based on latency, or you can override manually.


    Can I use static IPs instead of DHCP?

    Yes. Under WAN settings, select manual configuration.


    Does Cato support high-availability (HA) at sites?

    Yes. Configure dual Socket deployment for failover scenarios.

    Setting Up Sites in CMA – Socket vs. vSocket vs. Cloud-Only

    About The Author

    Anas Abdu Rauf

    Anas is an Expert in Network and Security Infrastructure, With over seven years of industry experience, holding certifications Including CCIE- Enterprise, PCNSE, Cato SASE Expert, and Atera Certified Master. Anas provides his valuable insights and expertise to readers.

    Like This Story?

    Share it with friends!

    Subscribe to our newsletter!

    Isometric illustration of a centralized performance platform connected to analytics dashboards and team members, representing goal alignment, measurable outcomes, risk visibility, and strategic project tracking within ClickUp.

    How ClickUp Enables Outcome-Based Project Management (Not Just Task Tracking)

    🕓 February 15, 2026

    Isometric illustration of a centralized executive dashboard platform connected to analytics panels, performance charts, security indicators, and strategic milestones, representing real-time business visibility and decision control within ClickUp.

    Executive Visibility in ClickUp – How CXOs Gain Real-Time Control Without Micromanaging

    🕓 February 13, 2026

    Cato SASE Architecture

    Inside Cato’s SASE Architecture: A Blueprint for Modern Security

    🕓 January 26, 2025

    Workflow Automation(8)

    Workforce Automation(1)

    AI Project Management(1)

    HR Data Automation(1)

    RMM(1)

    IT Workflow Automation(1)

    IT security(2)

    GCC compliance(4)

    Payroll Integration(2)

    IT support automation(3)

    procurement automation(1)

    lost device management(1)

    IT Management(5)

    IoT Security(2)

    Cato XOps(2)

    IT compliance(4)

    Task Automation(1)

    Workflow Management(1)

    Kubernetes lifecycle management(2)

    OpenStack automation(1)

    AI-powered cloud ops(1)

    SMB Security(8)

    Data Security(1)

    MDR (Managed Detection & Response)(4)

    MSP Automation(3)

    Atera Integrations(2)

    XDR Security(2)

    Ransomware Defense(3)

    SMB Cyber Protection(1)

    HR Tech Solutions(1)

    Zero Trust Network Access(3)

    Zero Trust Security(2)

    Endpoint Management(1)

    SaaS Security(1)

    Payroll Automation(5)

    IT Monitoring(2)

    Xcitium EDR SOC(15)

    Ransomware Protection GCC(1)

    Network Consolidation UAE(1)

    M&A IT Integration(1)

    MSSP for SMBs(1)

    SMB Cybersecurity GCC(1)

    FSD-Tech MSSP(25)

    Ransomware Protection(3)

    Managed EDR FSD-Tech(1)

    Antivirus vs EDR(1)

    Cybersecurity GCC(12)

    Endpoint Security(1)

    Data Breach Costs(1)

    Endpoint Protection(1)

    SMB Cybersecurity(8)

    Zero Dwell Containment(31)

    Managed Security Services(2)

    Xcitium EDR(30)

    Cloud Backup(1)

    Hybrid Backup(1)

    Backup & Recovery(1)

    pointguard ai(4)

    vembu(9)

    SMB data protection(9)

    backup myths(1)

    disaster recovery myths(1)

    Disaster Recovery(4)

    Vembu BDR Suite(19)

    DataProtection(1)

    GCCBusiness(1)

    Secure Access Service Edge(4)

    GCC IT Solutions(1)

    Unified Network Management(1)

    GCC HR software(20)

    open banking(1)

    financial cybersecurity(2)

    CC compliance(1)

    Miradore EMM(15)

    Government Security(1)

    Cato SASE(8)

    Hybrid Learning(1)

    Cloud Security(9)

    GCC Education(1)

    Talent Development(1)

    AI Risk Management(1)

    AI Compliance(2)

    AI Governance(4)

    AI Cybersecurity(12)

    AI Security(2)

    Secure Remote Access(1)

    GCC business security(1)

    GCC network integration(1)

    compliance automation(5)

    GCC cybersecurity(3)

    education security(1)

    BYOD security Dubai(8)

    Miradore EMM Premium+(5)

    App management UAE(1)

    MiddleEast(1)

    HealthcareSecurity(1)

    Team Collaboration(1)

    IT automation(12)

    Zscaler(1)

    SD-WAN(7)

    share your thoughts

    Illustration showing identity-centric Zero Trust security with the Cato Client acting as a continuous identity signal, connecting users, devices, cloud resources, and OT systems through unified policy enforcement.”

    How the Cato Client Becomes the Identity Anchor for Zero Trust Access

    🕓 January 25, 2026

    Context-aware firewall enforcement in Cato SASE illustrating how device platform, country, and origin of connection enhance Zero Trust security beyond basic device context.

    Platforms, Countries, and Origin of Connection: Advanced Device Criteria in Cato Firewall

    🕓 January 24, 2026

    Cato SASE platform visual showing device-aware WAN firewall enforcement with centralized security controls, analytics dashboards, IPS, and Zero Trust policy monitoring across enterprise infrastructure.

    Device-Aware WAN Firewall Policies in Cato SASE

    🕓 January 23, 2026

    Decoded(117)

    Cyber Security(118)

    BCP / DR(22)

    Zeta HRMS(78)

    SASE(21)

    Automation(76)

    Next Gen IT-Infra(118)

    Monitoring & Management(76)

    ITSM(22)

    HRMS(21)

    Automation(24)