U.S. federal agencies working with the government’s most sensitive, unclassified data can now use the comprehensive, best-in-class security capabilities available from Palo Alto Networks to secure their data, users and devices wherever they are. Prisma® SASE—the single-vendor secure access service edge (SASE) solution that provides Zero Trust security, exceptional networking and AI-powered operations—has achieved Federal Risk and Authorization Management Program (FedRAMP) High Authorization. Palo Alto Networks is the only vendor to be recognized as a Leader in all three GartnerⓇ Magic QuadrantTM reports—Single-Vendor SASE, SSE, and SD-WAN1— to have FedRAMP High, FedRAMP Moderate and DoD Impact Level 5 (IL5) authorizations.
Prisma SASE Helps U.S. Federal Agencies Enable a Zero Trust Strategy
Prisma SASE comprises Prisma Access, Prisma SD-WAN and Autonomous Digital Experience Management (ADEM) to enable consistent security and provide an exceptional experience for IT teams and end users, whether working in the office, on the go, or at home. Prisma SASE protects all application traffic with best-in-class security capabilities while securing access and data, dramatically reducing the risk of a data breach.
Prisma Access Provides Comprehensive Zero Trust Security
Prisma Access delivers the security service edge (SSE) capabilities for Prisma SASE, including a secure web gateway (SWG), Zero Trust network access (ZTNA), cloud access security broker (CASB), and firewall as a service (FWaaS). These features protect an organization’s networks, applications and data from multiple security challenges, including phishing, data loss, malware, ransomware and more.
SWG Prevents Threats Within a Zero Trust Strategy
The SWG capabilities within Prisma Access include Advanced WildFire®, the industry’s largest malware prevention engine. It uses machine learning and crowdsourced intelligence to protect organizations from unknown and highly invasive malware. In addition, SWG provides intrusion protection system (IPS) capabilities that stop command and control (C2) attacks and vulnerability exploits. It also provides URL filtering to ensure safe access to the web and prevent advanced web-based threats such as phishing.
ZTNA Secures Network, Data & Application Access to Achieve Zero Trust
ZTNA within Prisma Access reduces the risk of breach with fine-grained, least-privileged access capabilities to ensure users only have access to the data and tools they need according to their unique job requirements and expectations.
Prisma Access ZTNA capabilities also include continuous trust verification that assesses real-time risk based on changes in user behavior, device posture and app activity and provides continuous, real-time security inspection of all network traffic and connections.
CASB Protects Data & Prevents Data Loss for Comprehensive Zero Trust
U.S. federal agencies can now use the CASB capabilities available with Prisma Access for high-performing data security that helps protect them from data breaches and data compliance-related concerns.
The CASB solution with Prisma Access includes SaaS Security, which helps IT teams discover, manage and protect against sanctioned and unsanctioned SaaS application risks that may proliferate across their networks. SaaS Security also helps maintain consistent security policy enforcement and prevents threats to sensitive information, users and resources.
SaaS Security Posture Management (SSPM), another CASB component available with Prisma Access, helps detect and remediate misconfigured security settings in sanctioned SaaS applications through continuous monitoring.
Prisma SD-WAN Extends Zero Trust to Branch Offices
Prisma SD-WAN provides the networking component of Prisma SASE. Now FedRAMP High Authorized, U.S. federal agencies can use an SD-WAN solution that delivers a Zero Trust branch with secure connectivity for all branch users, applications and devices while simplifying and streamlining operations.
ADEM Improves End User & IT Team Experience Within a Zero Trust Architecture
ADEM empowers IT operations teams to increase productivity and deliver an exceptional application experience for users working from anywhere. ADEM provides holistic observability to automate complex IT operations, reduce ticket volume, and shorten the mean time to resolution (MTTR) for end-user issues.
U.S. Federal Government Mandate Requires a Zero Trust Architecture
Almost three years ago, the Office of Management and Budget (OMB) released a federal strategy to move the U.S. government toward a Zero Trust approach to cybersecurity. This strategy is an element of the Executive Order on Improving the Nation’s Cybersecurity that focuses on advancing security measures to dramatically reduce the risk of successful cyberattacks against the federal government’s digital infrastructure.
In addition to the executive order, the National Institute of Standards and Technology (NIST) issued NIST Special Publication 800-207A, which provides a comprehensive set of Zero Trust principles and referenced Zero Trust architectures (ZTA) to remove the implicit trust in users, services and devices based only on their network location, affiliation and ownership.
These rules and requirements give U.S. federal agencies direction on the expectations and requirements to protect the national digital infrastructure from cyberattacks. With its FedRAMP High Authorization, Prisma SASE is now available for U.S. federal agencies to implement as a part of their Zero Trust strategy in compliance with the NIST principles and reference architectures.
What Is FedRAMP High Authorization?
FedRAMP High Authorization is required for U.S. federal agencies that use data and systems where loss of confidentiality, integrity or availability could result in a severe or catastrophic adverse effect on organizational operations, assets or individuals.
FedRAMP High Authorization is required to protect the U.S. government’s most sensitive, unclassified data in cloud computing environments. This includes data that protects lives or could cause financial ruin. Examples of data systems requiring FedRAMP High Authorization include those used by law enforcement, emergency services, and financial and health systems.
Prisma SASE Provides Superior Protection for the U.S. Federal Government
Prisma SASE is now available for those U.S. federal agencies required to implement cybersecurity solutions that meet the stringent FedRAMP High Authorization criteria. With superior protections for data, users and devices wherever they are, Prisma SASE should be on every U.S. federal agency’s shortlist as they work to shore up their digital infrastructure and deliver a comprehensive Zero Trust architecture.
Reach out to a U.S. federal cybersecurity expert at Palo Alto Networks today and learn how Prisma SASE can help deliver against your Zero Trust strategy.
1GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally. Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.
Gartner, Magic Quadrant for Security Service Edge, By Charlie Winckless, Thomas Lintemuth, Dale Koeppen, 15 April 2024.
Gartner, Magic Quadrant for SD-WAN, Jonathan Forest, Karen Brown, Nauman Raja, 30 September 2024
Gartner, Magic Quadrant for Single-Vendor SASE, 03 July 2024, Andrew Lerner, Jonathan Forest, Neil MacDonald, Charlie Winckless
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.