VMware, the global virtualization and cloud infrastructure vendor, has announced that VMware vCloud Government Service provided by Carpathia has achieved the Provisional Authority to Operate (ATO) through the U.S. Government’s Federal Risk and Authorization Management Program (FedRAMP). FedRAMP ATO is mandatory for any cloud hosting service provider serving the Federal government, and VMware’s offering is now generally available to U.S. government and defense organizations.
VMware vCloud Government Service – an Infrastructure-as-a-Service (IaaS) hybrid cloud – is based on the VMware vSphere platform used by all cabinet level agencies, all military services, the Department of Defense and the Judicial and Legislative branches of government.
As a result of the compatibility between vSphere-based virtual infrastructure in the data center and vCloud Government Service, organizations investing in VMware vCloud Government Service can expect to move workloads seamlessly between their internal resources and cloud hosting environments.
This would be ideal for government agencies seeking to augment existing IT infrastructure capacity, enhance continuity of operations and disaster recovery, facilitate application development and testing operations, and host standard, packaged applications such as email and collaboration – without re-architecting for new infrastructure or retraining personnel on net-new technologies, tools and processes.
“As the U.S. Federal government continues to move to a cloud-first approach to IT, VMware used FedRAMP’s standard approach for conducting security assessments to reduce duplicative authorization efforts while also ensuring it meets the Federal requirements for all customers across government,” said Matt Goodrich, FedRAMP Director. “This provisional authorization confirms that VMware vCloud Government Service provided by hosting provider Carpathia meets the stringent security and privacy requirements of FedRAMP.”
The architecture incorporates many of VMware‘s most advanced capabilities including VMware NSX network and security virtualization, vSphere vMotion for data and storage migration, and others. With VMware NSX, vCloud Government Service would be able to extend a logical network across both the public and private cloud, empowering customers to quickly provision applications with full network and security policy portability across the hybrid cloud without ever having to touch the physical infrastructure.
VMware NSX also allows granular network security, with distributed policy enforcement at every virtual interface and in-kernel scale-out firewalling distributed to every hypervisor and baked into the platform.
FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This approach uses a “do once, use many times” framework that can reduce government organizations’ costs, time, and staff required to conduct redundant agency security assessments.