Skip to content
Find out how we support MDR.



Beta integrations are provided " AS IS " and free of charge during the beta phase. All use of beta integrations is at your sole discretion, and any use is subject to Sophos End User Terms of Use.

You must have the Network integrations license pack to use this feature.

You can integrate Cato with Sophos Central so that it sends data to Sophos for analysis.

This integration is API-based.

The key steps are as follows:

  • Get your Cato account ID.
  • Generate a Cato API key.
  • Configure an integration in Sophos Central.

Get your Cato account ID

To look up your account ID, do as follows:

In the Cato Management Application, go to Administration > Account > General Info.

Your account ID is shown in the upper right of the page.

Generate a Cato API Key

To generate the Cato API Key you need for integration, do as follows:

  1. In the Cato Management Application, go to Administration > API & Integrations.
  2. On the API Keys tab, click New. The Create API Key dialog opens.

    Create API Key dialog.

  3. Enter a Key Name.

  4. In API Permission, select View.

  5. Leave Expired at blank.

    We don't recommend setting an expiration date for the key. An expired key prevents data being sent to Sophos.

  6. (Optional) For additional security, in Allow access from IPs, select Specific IP list, and define the IP addresses that are allowed to use this API key.

    For details of Sophos IPs you might want to specify, see Sophos IPs for integrations.

  7. Click Apply. The API key is added, and a pop-up containing the new API key is displayed.

    Copy the API key and save it to a secure location. After you close the pop-up, you can't see the API key again.

  8. Click OK.

Next, you configure an integration in Sophos Central.

Configure an integration

To integrate Cato with Sophos Central, do as follows:

  1. In Sophos Central, go to Threat Analysis Center > Integrations > Marketplace.
  2. Click Cato.

    The Cato page opens. You can configure integrations here and see a list of any you've already configured.

  3. Click Add Configuration.


    If this is the first integration you've added, we'll ask for details about your internal domains and IPs. See My domains and IPs.

  4. In Integration steps, do as follows:

    1. Enter the Name and Description.
    2. Enter the Account ID and API Key you got from Cato.
  5. Click Save.

We create the integration and it appears in your list. If its status icon shows a green tick, your data appears in the Sophos Data Lake after validation.

More information